I was in a conversation this week with someone else in the online security space and I happened to mention that I think Tricerion’s Safe Login is pretty darn sweet. He was a proponent of a keyfob token that additionally used a USB chord and a card too. Yikes. That’s too complicated for me. In the course of our conversation he told me that Tricerion’s system is very user-friendly and elegant for enterprises, but… (so he said) it doesn’t protect against trojans or malware. WHAT?
Ahem. I’m here to clear up that awful myth that Tricerion strong mutual authentication is less secure than those irritating tokens. So here it is folks, the cold, hard facts.
Malware and trojans are all about stealing passwords. They steal them by capturing typed in passwords and login names. With Safe Login, passwords are never typed in – they’re entered on an on-screen keyboard using the mouse to select either alphanumeric characters or pictures that make up a password. To malware, it’s like grasping at air – there’s nothing for them to catch.
What makes Safe Login even more special is that it anticipates and protects against something that has never happened. See, virtually every (secure) login everywhere is protected by 128-bit encryption. No one has figured out how to crack it, but that doesn’t mean hackers aren’t trying. And if someone did crack it, the world would be their oyster. They’d have all logins and passwords in open text, able to hack just about anything, anywhere. Tricerion has this really elegant, intuitive system that separates data streams, so that if SSL 128-bit encryption were ever cracked, anyone using Tricerion’s system would be protected.