I am testing one of these USB authentication keys made by Authenex.com to see if they may fit in our .org...specifically we are interested in hard disk security for outside sales laptops. Check out the link: http://www.authenex.com/products_hdlock.cf...variable=hdlock

I tried these guys out about 6 months ago, it was a very promising product at a very competitive price. I didn't end up going with it as the product was much (much) too green with all sorts of problems.

One of the main systems we wanted this to integrate with was the Cisco VPN3k, they didn't have a solution that worked well (think massive help desk calls) because it wasen't truely integrated. Plus the backend admin system was horrible, we needed their engineers just to come and get it setup correctly. If they have solved this and have fixed the backend administrative woes I think this would be a good solution.

We ended up going with Secure Computing's Safeword system which did work much better and fully integrated with all of our systems perfectly. A bit more expensive but much more mature. RSA performed exactly the same as Safeword but was quite a bit more expensive so the choice was obvious.

Maybe it is time to look at authenex again, especially as they probably have their AD integration and hard drive encryption implemented. Just make sure it works for all of your applications before purchasing it.

Does anyone out there know of a good opensource two-factor program? If not I think it would be a great program to try and build using off the shelf USB hard drives and standard PKI. I would say something like: encrypt the private key on the USB drive using an application specific key (perhaps company wide maybe only system specific) then it's just a matter of challenge/response encryption decryption. The key is making sure that the private key is somehow locked to the device and can't be moved. Hmmm.....

--P>G>>

Though this was posted sometime ago I appreciate the topic. There was some discussions previously in another forum that I used to visit similar to this thread.

I think the end result was one users company went with RSA and the other 2 thought it was 2 pricey.

Thanks Packet and Chris.ology I appreciate the read.

Actually I'm getting my RSA certified engineer cert this week, lots of fun. I still like RSA and Safeword the best, sometimes the extra cost is saved on support time. Although I am going to swing back around and try Authenex again to see if they have "matured"

--P>G>