RSA Offers to Replace Tokens
RSA issued a press release, offering to replace all tokens if a customer asks for it. As an alternative, RSA also offers to implement additional authentication monitoring.
Aside from the press release, and an interview with the RSA CEO, there have not been any details about how this would work or how long it will take. However, RSA states that this will cover all customers, even if RSA considers them not at risk.
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
Keywords: rsa two factor
5 comment(s)
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
×
Diary Archives
Comments
And why should we now believe anything they have to say?
Anonymous
Jun 7th 2011
1 decade ago
Rob VandenBrink
Jun 7th 2011
1 decade ago
It will be interesting to see if we accept the offer of new tokens, we have thousands of them.
Larry
Jun 7th 2011
1 decade ago
Hopefully with replacement authentication server and brand new tokens produced, everything using key material generated after intruders were locked out, and a promise they haven't kept record of sufficient information for anyone to replicate the replacement tokens?
It would seem pointless if they're offering to replace potentially compromised tokens with (still potentially compromised) tokens from their warehouse,
but stranger things have happened.
Mysid
Jun 7th 2011
1 decade ago
GJB
Jun 8th 2011
1 decade ago