Product Reviews

Login Simplified

SecureLogin takes the work out of password management.

If I were to ask you what the biggest systems security risk is right now, what would you say? The SQL Slammer virus? IIS buffer overruns? Malicious scripts sent via e-mail? These are some of the most common answers. While these are problems, to be sure, most people overlook the simplest and most dangerous security risk of all—weak passwords. There’s no end to what hackers can do if they crack even one password on your network. The problem is that users have so many passwords to remember that they’re forced to make them weak just so they can remember them. So what can you do to mitigate this risk? Protocom comes to the rescue with SecureLogin.

SecureLogin is a client-server product that provides single sign-on capability to your users. This means that your users only log on at system start up. After that, any time a password is required, it’s provided by SecureLogin.

The way it works is simple: On the back end, SecureLogin supports NetWare NDS, Windows Active Directory and LDAP. When the server portion is installed, the network directory schema is modified so that user passwords can be stored directly, with the user objects in the directory. Once the server portion is in place, you install the client software on each machine, which will run at system startup. While the client program is active, it constantly monitors the system for password requests and, when it finds a request, it asks the user if he or she wants to store the password for future use. If the user allows SecureLogin to manage the password, it’s stored in the network directory structure and recalled every time that password field comes up (see figure).

This raises a few questions, though. You may wonder what happens if users change one of the passwords managed by SecureLogin. The client program has built-in management functions that allow users to change passwords and even manually add and remove managed sites so they’re completely in control of their passwords. Also, you may wonder about the security of the passwords as they’re transferred over the network. To put your mind at ease. SecureLogin uses a challenge/response hashing algorithm with 3DES encryption so that passwords aren’t visible over the wire.

SecureLogin allows storage of passwords
SecureLogin gives users the option to store passwords for future use. (Click image to view larger version.)

What I really like about this application, besides the obvious relief from stress, is the speed. I run a lot of stuff on my server and this application still runs lightning fast. As soon as I brought up an application or Web page that required a password, SecureLogin instantly provided it and I was logged in.

There are two important things to keep in mind when considering this product. The first is that this is client/server. If you have a small network without a server, this won’t work. Second is the price. For what SecureLogin does, the $79 per user is fair, but it can add up. Overall, if you’re interested in securing your network and making your users’ lives easier, consider this product.

[SecureLogin version 3.1 is set to ship this summer—Ed.]

About the Author

Joseph L. Jorden, MCSE, MCT, CCNA, CCDA is Chief Technical Officer for Dugger & Associates (www.Dugger-IT.com). He was one of the first 100 people to achieve the MCSE+I and one of the first 2,000 to become an MCSE under Windows 2000. Joseph frequently contributes to books from Sybex and various periodicals.

comments powered by Disqus

Reader Comments:

Thu, Aug 26, 2004 sequoia menlo park

Protocom is good -- but Datakey Axis is better and has more credible deployments.

Tue, Nov 4, 2003 Anonymous Anonymous

Great review of a great product!

Wed, Jun 25, 2003 Alexander Straub USA

The article isn't entirely correct. I'm running SecureLogin in standalone mode on my workstation, without a server backend. The built-in scripting language lets you configure about anything you can think of. i.e. anytime you startup notepad, it can run iexplorer in the background, automatically go to hotmail.com and log you into your account. The possibilities are endless.

Tue, May 13, 2003 Anonymous Anonymous

Nice review showing the MS perspective. Had previously seen with NDS.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.