All of our token and tokenless methods can be mixed and matched.
The question of which token or combination of tokens to issue to users is answered by finding the optimum balance of convenience, cost and mobility that satisfies the organization's security policy and desired end user experience.
The SafeNet Authentication Service platform also supports a wide variety of 3rd party tokens, including any token supporting industry standards, such as OATH, and also other vendors' tokens.
More Secure, by design
All SafeNet Authentication Service tokens allow customizable length and complexity of both the passcode generated by the token and the user's PIN, allowing organizations to control their security posture. The importance of this feature is best understood by considering the limitation of old, cheap keyfob tokens that could only produce a 6-digit numeric passcode. Such tokens can only generate 1 million different passcodes—not a large number in today's world, leaving an organization with two equally unpleasant choices.
Maintaining a security posture that mandates user PINs that are long and complex results in significantly increased help desk calls and dissatisfied users due to the frequency and frustration of forgotten PINs. However, maintaining simple PINs and reducing the security posture means passcode length and complexity become more important. By using SafeNet Authentication Service's flexible tokens, you can control both.
With SafeNet Authentication Service customers can also generate and control their own seed files, which significantly help in providing a highly secure authentication solution.
Multiple tokens per user
With SafeNet Authentication Service a single user can have more than one token at no extra cost for the service beyond the cost of the token. With the increasing popularity of BYOD (bring your own device) and the use of multiple devices to gain access to corporate resources users would often like more than one token each.
SafeNet Authentication Service also allows a user with up to three different usernames to use a single token. This is ideal for people like system administrators who may have a different token for each system they administer.