Previous Topic: X.509 Client Certificate Authentication Schemes

Next Topic: Proxy Authentication Schemes

Token Authentication Schemes

Token authentication schemes generally rely on two-factor authentication. The first part of two-factor authentication requires a small device which may be connected to a PC, or may be an independent device that provides unique passwords. The hardware device provides proof of possession, since a user must have access to the device to authenticate. The second part of two-factor authentication provides proof of knowledge, generally in the form of a password.

In most cases, the passwords generated by the hardware components change at regular intervals. A user logs in and provides the authentication information specified by the hardware token. The Policy Server compares the information provided by the hardware token to the information provided by the token server component to verify a user's credentials.

The Administrative UI provides authentication scheme templates for the following hardware-based security tokens:


Copyright © 2010 CA. All rights reserved. Email CA about this topic