Saturday, May 12, 2007

If only tokens were cheap...

Token based authentication has been something that every large organization that I've worked with has considered, and often it is something that they have deployed. The problem is that the deployment has typically been very small scale, and that it was typically limited to a tiny subset of users. In organizations of every size, token cost was a major factor in deployment - either controlling size, or even the possibility of deployment.

The good news is that token cost won't be the controlling factor for small and mid-size installations much longer if Entrust's IdentityGuard Mini Token is any indicator. The list price for the token is $5. Yes, that's $5, on a one-off purchase, not in ridiculously large quantities. While I've seen the occasional note about some large purchasers pulling in pricing like this on existing tokens, you just haven't been able to buy tokens in smaller quantities for anything approaching $5.

That doesn't change the cost of the back end software, nor the cost of administrative time and implementation time. The good news is that if you were holding back because $35 tokens were too expensive to roll out, or because replacing them would cost too much when your students lost them, now they cost less than lunch - and they're even waterproof.

The gotcha? The tokens aren't available yet. The website takes you to a contact form. I'll take the wait, if this is the shape of things to come. Tokens that are priced reasonably enough to deploy system wide can help make password change policies much less onerous, and improve security if properly implemented. That's a cheap security improvement.

No comments: