Anyone use usb logon keys?

[Will]

I'm just going by the original post. I didn't do an exhaustive search on
what kinds of USB keys companies have created. The original poster said it
was a USB key, and the responses seemed to mirror what was obvious to me,
which was that any system built on just a key, that doesn't force the user
to contribute additional information, is probably just opening up a security
hole.

As far as USB being memory and storage, that's clear. Someone could write
a program that inspects the attached storage for some data pattern or values
and takes action on that. Do I think that would be secure? No. Do I
think that anyone would create something like that in the first place?
Nothing surprises me. I was just going by what he wrote.

The URL I supplied for the PROXPRO product doesn't appear to use more than
just the presence of the HID badge to unlock the screen. I guess you could
do something similar with a simple USB key.

 

[S. Pidgorny]

Will,

USB is Universal Serial Bus. Some of USB devices are storage devices; other
are smart cards, together with "readers" integrated into convenien
USB-attachable devices. Examples are eToken (http://www.aladdin.com/etoken/)
and iKey (http://www.safenet-inc.com/products/tokens/). Devices that combine
USB storage and smart card functionality are also coming.

 

[sali]

is there known some *contactless* devices, with say rfid technology, thus
not requestung user to plug in smartcard identificator [and to leave
it/forget in the reader], but to wear it with himself, and as soon as he
leaves the active radius, system should lock, and after he comes near again,
offer an unlock with password.

is there such rfid device on market?

thnx.

 

[Will]

That's the PCPROX system, but my experience with proximity readers suggests
you will need to put the badge fairly close to the reader:

http://www.honeywellaccess.com/products/readers/log/18597.html#Ordering Information

--
Will

is there known some *contactless* devices, with say rfid technology, thus
not requestung user to plug in smartcard identificator [and to leave
it/forget in the reader], but to wear it with himself, and as soon as he
leaves the active radius, system should lock, and after he comes near again,
offer an unlock with password.

is there such rfid device on market?

thnx.

Will,

USB is Universal Serial Bus. Some of USB devices are storage devices; other
are smart cards, together with "readers" integrated into convenien
USB-attachable devices. Examples are eToken (http://www.aladdin.com/etoken/)
and iKey (http://www.safenet-inc.com/products/tokens/). Devices that combine
USB storage and smart card functionality are also coming.

search

on

 

[sali]

yes, i found contactless reader based on iso14443 which limits proximity to
few inches, but there is also iso15693, which may have radious of few yards.
but, quick search showed me just readers based on iso14443 [sometimes called
phillips "mifare" system].

but, if proximity is important, what happens when identification card is
taken afar from reader? does computer hang on immidiatelly? or you need card
just for login, and after that [until logoff] you don't need it?

i would like to find some identificating system requesting card whole time
inside active radius, so user may not leave computer unattended and running!

That's the PCPROX system, but my experience with proximity readers suggests
you will need to put the badge fairly close to the reader:

http://www.honeywellaccess.com/products/readers/log/18597.html#Ordering In
formation

--
Will

is there known some *contactless* devices, with say rfid technology, thus
not requestung user to plug in smartcard identificator [and to leave
it/forget in the reader], but to wear it with himself, and as soon as he
leaves the active radius, system should lock, and after he comes near again,
offer an unlock with password.

is there such rfid device on market?

thnx.

Will,

USB is Universal Serial Bus. Some of USB devices are storage devices; other
are smart cards, together with "readers" integrated into convenien
USB-attachable devices. Examples are eToken (http://www.aladdin.com/etoken/)
and iKey (http://www.safenet-inc.com/products/tokens/). Devices that combine
USB storage and smart card functionality are also coming.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

I'm just going by the original post. I didn't do an exhaustive

search

on
what kinds of USB keys companies have created. The original poster said
it
was a USB key, and the responses seemed to mirror what was obvious

to
me,

which was that any system built on just a key, that doesn't force

the
user

to contribute additional information, is probably just opening up a
security
hole.

As far as USB being memory and storage, that's clear.

 

[Will]

I think the behavior when the user walks away is determined by the software
provided with the prox reader. With ProxPro you can configure it to lock
up the screen as soon as the proximity reader no longer senses the card's
presence.

--
Will

yes, i found contactless reader based on iso14443 which limits proximity to
few inches, but there is also iso15693, which may have radious of few yards.
but, quick search showed me just readers based on iso14443 [sometimes called
phillips "mifare" system].

but, if proximity is important, what happens when identification card is
taken afar from reader? does computer hang on immidiatelly? or you need card
just for login, and after that [until logoff] you don't need it?

i would like to find some identificating system requesting card whole time
inside active radius, so user may not leave computer unattended and running!

That's the PCPROX system, but my experience with proximity readers suggests
you will need to put the badge fairly close to the reader:

http://www.honeywellaccess.com/products/readers/log/18597.html#Ordering In

formation

--
Will

is there known some *contactless* devices, with say rfid technology, thus
not requestung user to plug in smartcard identificator [and to leave
it/forget in the reader], but to wear it with himself, and as soon as he
leaves the active radius, system should lock, and after he comes near again,
offer an unlock with password.

is there such rfid device on market?

thnx.
Will,

USB is Universal Serial Bus. Some of USB devices are storage devices;
other
are smart cards, together with "readers" integrated into convenien
USB-attachable devices. Examples are eToken
(http://www.aladdin.com/etoken/)
and iKey (http://www.safenet-inc.com/products/tokens/). Devices that
combine
USB storage and smart card functionality are also coming.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

I'm just going by the original post. I didn't do an exhaustive search
on
what kinds of USB keys companies have created. The original poster
said
it
was a USB key, and the responses seemed to mirror what was obvious to
me,
which was that any system built on just a key, that doesn't force the
user
to contribute additional information, is probably just opening up a
security
hole.

As far as USB being memory and storage, that's clear.