[vpn] VPN authentication
Rick Smith at Secure Computing
rick_smith at securecomputing.com
Thu Oct 11 18:13:43 EDT 2001
At 07:11 AM 10/10/2001, skr wrote:
>Is there any VPN product which supprorts User ID+ Password+MAC Address
>authentication..over WAN.
I don't think so, and the reason is because the MAC address isn't a
reliable identifier. Many (most?) NICs allow you to replace the MAC
address. If you're worried about an attacker capturing your user ID and
password, then you run the same risk with the MAC address.
>Is there any VPN product which supports three part authentication User
>ID + Password + anything..(excluding secure ID, Digital ertificate,
>Radius ) say one more password
If one password isn't providing the protection you need, then a second
password, or a longer password, probably won't improve matters. If someone
is asking you for "two factor authentication" then you're trying to do the
wrong things. You need to combine memorized data (the password or PIN) with
a personal authentication device (like one of those tokens) or a biometric
reading. You don't get two factors by using two passwords.
Rick.
smith at securecomputing.com roseville, minnesota
"Authentication" in bookstores http://www.visi.com/crypto/
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list