Posted by: Tony Bradley
authentication, encryption, PINSafe, Swivel, unauthorized access, Windows login, Zecurion
While the familiar “bum-diddy-bump-bump…knock-knock” of the popular musical couplet “shave and a haircut…two bits” may have served as sufficient authentication as a secret knock for the tree fort you and your friends played in as kids, the valuable and sensitive data contained on your Windows computer needs better protection.
The traditional Windows username and password provides some level of protection, but passwords are often trivial to guess or crack. Swivel has developed PINSafe plug-in support for the standard Windows login credentials to provide stronger authentication and better security.
A Swivel press release explains, “The PINsafe plug-in can protect the user’s device for both on and off network authentication. Users of the PINsafe protected devices are presented with a randomly generated security string in the form of an obfuscated “TURing” image in addition to the standard Windows request for their username and password. To complete the login process the user extracts and enters a one-time-code from the security string using their fixed PIN to provide a much stronger authentication credential. This also prevents non-authorised access to data stored locally on the device.”
Chris Russell, Swivel’s CTO said: “The addition of PINsafe to the Windows login process not only prevents unauthorised co-workers accessing sensitive data in the office environment, but also provides added peace of mind in situations where company laptops are regularly used outside the network perimeter. I am thinking here particularly about the many high profile incidents where these have been left on trains or stolen from individuals’ homes. Without the user PIN number, accessing any data stored on the laptop protected by PINsafe will be very difficult.”
While I agree with Russell that stronger authentication can prevent unauthorized access to, and compromise of, sensitive information on laptops, I would not suggest relying solely on authentication to safeguard that data. Authentication is only one method or layer of security, and with enough time and resources it could be circumvented. Feel free to use stronger authentication as well, but for laptops it is important that the data itself be encrypted as well.