Hardware security tokens

Top  Previous  Next

Note: available in Ritlabs The Bat! Professional only

 

When the user starts Ritlabs SecureBat!, the program looks for the token that contains the assigned ID, reads the ID from the token, and uses the 128-bit encryption key from that ID for on-the-fly encryption of the message base, address books and configuration files. Make sure that the token is plugged in while working with Ritlabs SecureBat! Once the token is unplugged, the program hides all its windows and prompts the user, asking whether they want to exit (loosing changes) or to plug the token back and continue working with Ritlabs SecureBat!. The user may, however, use this feature as an emergency exit from the program.

 

 

 

 

 

Note: available in Ritlabs The Bat! Professional only

 

Most computers and networks use simple usernames and passwords to protect themselves. But passwords alone do not provide adequate protection - they are all too easily shared or guessed. Hardware security tokens have been specifically designed as portable and secure authentication tokens that address the password replacement needs of both users and systems administrators.

 

The hardware token contains an integrated circuit with a processor, non-volatile random access memory and a USB interface to a PC. It provides the security of smart cards without the hassle and cost of a reader. The token is small and lightweight, making it easy to carry on a key chain or in a daily planner.

 

The token is a portable two-factor authentication token ideally suited for e-mail security.

 

Each token contains a unique 64-bit factory-installed serial number that differentiates an individual token from all other tokens. A token also has a customisable friendly name to differentiate them in a more convenient and friendly way, e.g. "Bob's token."

 

A token can be in one of three security states: Security Officer State, User Security State and Guest Security State. The security state of the token defines what kinds of actions it can be used to perform. Once plugged in, the token sets itself to Guest Security State until the User PIN or Security Officer (SO) PIN has been entered and verified.