--> Skip to main content

Latest release pushes into Privileged Access Management

(0 comments)

The 4.1 release of the WiKID Strong Authentication Server - Enterprise Edition includes the ability to use one-time passcodes for Active Directory accounts. We noted an increasing focus on privileged accounts.  Companies need these accounts to manage windows PCs and infrastructure.  Multiple  system admins need to have the credentials for them too.  So, organizations often have shared spreadsheets with credentials.  You can put them into a "password vault" but then there is still a password to the vault and an attacker that is already on the system can still perform a 'pass-the-hash' attack to escalate their privilege. 

At WiKID we prefer to just get rid of the secrets.  With the new Active Directory protocol on WiKID, a user gets an OTP and it is pushed to AD as the new password.  They login with the OTP.   The WiKID server then overwrites the OTP with a random string.   WiKID allows multiple tokens on the same username as well so you can have five tokens for the user 'Admin' if you want.

The benefits:

  • No need to maintain a spreadsheet of passwords or a vault
  • Users are managed on the WiKID server vs changing passwords
  • Two-factor authentication for critical accounts in Windows

Every year the Verizon DBIR and other reports prove that attackers use credentials to infiltrate and then to escalate their privileges.  Two-factor authentication for remote access thwarts the former, this new functionality thwarts the latter.

I should also note that if you are an organization with up to 5 admins (which covers a lot of ground),  you can deploy this for free.  

Download today! 

Current rating: 5

Comments

There are currently no comments

New Comment

required

required (not published)

optional

Recent Posts

Archive

2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom