Deploying hardware tokens - getting to know the FedEx guy
It is easy to imagine how to deploy key fob tokens: pick a token out of the box, enter its ID number into the server, print out the letter to the user and stuff it in the envelope. Print a second letter with the PIN and mail it separately.
Symmetric software tokens - worse than key fob tokens?
But what about software tokens? Did you know that each RSA SoftID token is a separate individual piece of software? So if you have 500 users, you will have to generate 500 pieces of software to deliver securely to your users!
WiKID: Automating token roll out to deployment costs and save time
Only WiKID can completely automate the process of rolling out a two-factor authentication token, thanks our use of strong asymmetric encryption.
To set up a new domain, the user enters a 12-digit domain identifier. The public-private key pair is generated on the client and the public key is sent to the server (based on its identifier). The server responds with its public key and a configuration file. The user is prompted to enter their desired PIN. It is encrypted by the private key of the client and sent to the server where an account is created and the PIN is stored (encrypted, of course). The server returns a one-time registration code. The account is now created, but not active. Only after the server receives the registration code from a trusted network client will the account be validated. WiKID provides software to automate this process. In fact, the WiKID Strong Authentication server includes some simple scripts that allows users to validate their own tokens based on Active Directory credentials. WiKID is the first strong authentication system to provide complete self-service initial validation with no reduction in relative security.
For a step-by-step example to our unique self-service initial validation, test it right now!.
WiKID can also allow a user to reset their own LAN password from a wireless device! Combining both self-service systems creates a virtous circle of authentication: a WiKID user is never without a way to authenticate securely unless they forget both their WiKID PIN and their LAN credentials.
There are many additional benefits with the WiKID Authentication System.