Like what you see? Get it in one document for easy printing!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Test yourself better with 300 extra Security+ questions!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 1:  General Security Concepts (Domain 1.0; 30%)
      9  1.2  Authentication

Previous Topic/Section
1.2.4  Username/Password
Previous Page
Pages in Current Topic/Section
1
Next Page
1.2.6  Multi-Factor
Next Topic/Section

1.2.5  Tokens

A token is usually a hardware device (most commonly assumed to be an RSA SecureID token-type device), which changes an ID code on a frequent basis, normally 60 seconds. Tokens are used to authenticate yourself via “something you have” and “something you know” – along with every SecureID token; you are issued a PIN number.

These SecureID devices are slightly smaller than a box of TicTacs, and have an LCD screen on the front. The screen displays a seeded number that changes every 60 seconds. When you connect to the server (normally via a VPN tunnel etc), you enter your PIN number followed by the number showing on your token. The server then authenticates you based on that, as the server has the same seed as your token, knows your PIN, and can therefore confirm that the two match. This complies with the "something you have and something you know" model.

The other way tokens are used in authentication is simply as data. On some systems, when you authenticate yourself, you are given a special set of data, known as a token, identifying you to the system. In the future during your computing session, when you need to furnish authentication information (for instance, to other network services), rather than sending the user and password again, you send this token data. Possession of this “virtual token” is proof of your authenticated identity.


Previous Topic/Section
1.2.4  Username/Password
Previous Page
Pages in Current Topic/Section
1
Next Page
1.2.6  Multi-Factor
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.