BlackBerry Forums Support Community               

Closed Thread
LinkBack Thread Tools
Old 09-13-2006, 01:12 PM   #1 (permalink)
Talking BlackBerry Encyclopedia
Join Date: Mar 2005
Location: Washington DC
Model: all
Carrier: All carrier's
Posts: 315
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default two way factor authentication...

Please Login to Remove!

okay, ladies and gents...

big brother...any bes admins have any CHEAP ideas on how they are going to implement Two way factor authentication for their handhelds.

I just got my tap on the should from my CIO...

here some info
OMB order accelerates efforts to protect remote access and personal information

I"m all ears...lets talk about it.
Old 09-13-2006, 03:13 PM   #2 (permalink)
Knows Where the Search Button Is
Join Date: Jul 2006
Model: 7290
Carrier: T-Mobile
Posts: 36
Post Thanks: 0
Thanked 0 Times in 0 Posts

We're waiting on some of the big boys to implement the Bluetooth Smart Cards before we weigh in. Although for government you should only need two factor authentication if you are shooting for devices required to meet level 3 or 4 standards under FISMA, at least thats my understanding.

I'd also be interested in hearing if anyone has implemented, or knows of alternatives to the smart cards.

Are you using content protection as well?
Old 09-14-2006, 10:50 PM   #3 (permalink)
Knows Where the Search Button Is
Join Date: Nov 2005
Model: 7290
Posts: 32
Post Thanks: 0
Thanked 0 Times in 0 Posts

BES 4.1 has two factor auth.
Old 09-15-2006, 06:25 AM   #4 (permalink)
Knows Where the Search Button Is
Join Date: Sep 2006
Location: UK
Model: 8800
PIN: uh uh
Carrier: many
Posts: 44
Post Thanks: 0
Thanked 0 Times in 0 Posts

I like the idea of two factor authentication but I think RIM's smartcard is way overpriced at $199.

I also dont quite understand the path they have chosen. Surely if the card is within bluetooth range then that is one factor authentication and the standard password is the second factor. By making the user press a button on the smartcard to reveal a unique password which the user has to then enter on the handset makes it three factor authentication surely? TBH, it sounds like a nightmare - especially if a low Periodic Challenge time rule is applied as would be the case if you were a government or concerned about security.

Why not just authenticate if the smartcard is within range of the handset in the same way that plugging in a USB dongle into a PC as a means of authentication?
Closed Thread

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Copyright 2004-2014
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.