RSA SecurID is multi-factor authentication (MFA) technology used to protect network resources, such as applications and websites. Its purpose is to mitigate risk and maintain compliance without disrupting employee productivity.

This technology can confirm user identities to ensure they are only granted access to the resources they need to do their jobs. RSA SecurID can quickly and securely provide appropriate access to resources both on-premises and in the cloud.

How does RSA SecurID work?

RSA SecurID is a two-factor authentication scheme based on two factors: a password/PIN and an authenticator.

The authenticator is typically a hardware token (such as a USB token, smart card, or key fob) or a software token, and the RSA Authentication Manager software provides the security engine used to verify authentication requests.

As its name implies, MFA uses multiple factors (at least two) to confirm the identity of users. There are three types of authentication methods that can be combined for MFA:

  • Something you know: This refers to a piece of information that only an individual user should have knowledge of. The most common are PINs, passwords, or the answer to a security question.
  • Something you have: This is a unique component given to a user. It may be a one-time password (OTP), hardware or software token, trusted device, smart card, or a badge.
  • Something you are: This refers to a unique characteristic of a user that can be used to confirm their identity made possible by newer technologies. The most common form is biometrics, such as face recognition, fingerprint readers, or retinal scans.

When a user attempts to access a protected resource, they are prompted for a unique passcode. The passcode is a combination of their password/PIN and the code displayed on the authenticator token at the time of login.

The user ID and passcode are intercepted by the RSA Authentication Agent and presented to the RSA Authentication Manager software, which validates the passcode. The RSA SecurID system computes what number the token is supposed to be showing at that moment in time, checks it against what the user entered, and makes the decision to allow or deny access.
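The server-side check described above, as an added example that is not RSA's code and not the proprietary SecurID algorithm: it assumes the public RFC 6238/RFC 4226 HMAC construction as a stand-in for the token's code generator, a 60-second step, a six-digit code, a constructed demo seed, and a hypothetical `AuthManager` class playing the role of Authentication Manager. It shows the two things the passage glosses over: the passcode is split into PIN and token code and both are checked, and the server recomputes the expected code for the current time (with a small drift window) and refuses to accept the same code twice.

```python
import hashlib
import hmac
import secrets
import struct
import time

STEP_SECONDS = 60   # SecurID tokens display a new code every 60 s
DIGITS = 6          # length of the displayed token code
DRIFT_STEPS = 1     # accept one step either side to tolerate clock drift

# Constructed demo seed. A real token's seed is a per-token secret provisioned by the vendor.
DEMO_SEED = b"constructed-demo-seed-not-a-real-token-seed"


def code_for_counter(seed: bytes, counter: int) -> str:
    """Token code for one time step. Uses the public RFC 6238/4226 HMAC construction
    as a stand-in for RSA's proprietary SecurID algorithm (an assumption of this example)."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def token_code(seed: bytes, unix_time: int) -> str:
    """What the authenticator shows at a given moment."""
    return code_for_counter(seed, unix_time // STEP_SECONDS)


def pin_digest(pin: str, salt: bytes) -> bytes:
    """Salted PBKDF2 of the PIN so the server never stores the PIN itself."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 50_000)


class AuthManager:
    """Hypothetical server side (the role of Authentication Manager): holds each user's
    PIN digest and token seed, and validates PIN + token-code passcodes."""

    def __init__(self):
        self.users = {}

    def enroll(self, user: str, pin: str, seed: bytes) -> None:
        salt = secrets.token_bytes(16)
        self.users[user] = {
            "salt": salt,
            "pin_digest": pin_digest(pin, salt),
            "seed": seed,
            "used_counters": set(),   # steps already accepted: blocks replay of a seen code
        }

    def verify(self, user: str, passcode: str, unix_time: int) -> bool:
        rec = self.users.get(user)
        if rec is None or len(passcode) <= DIGITS:
            return False
        pin, code = passcode[:-DIGITS], passcode[-DIGITS:]

        # Factor 1: something you know. Constant-time compare of the PIN digest.
        pin_ok = hmac.compare_digest(pin_digest(pin, rec["salt"]), rec["pin_digest"])

        # Factor 2: something you have. Recompute what the token should show now,
        # checking a small drift window; always scan the whole window so timing
        # does not reveal which step (if any) matched.
        now_counter = unix_time // STEP_SECONDS
        matched = None
        for counter in range(now_counter - DRIFT_STEPS, now_counter + DRIFT_STEPS + 1):
            if hmac.compare_digest(code_for_counter(rec["seed"], counter), code):
                matched = counter

        fresh = matched is not None and matched not in rec["used_counters"]
        if pin_ok and fresh:
            rec["used_counters"].add(matched)
            return True
        return False   # single failure result: do not tell the caller which factor failed


if __name__ == "__main__":
    mgr = AuthManager()
    mgr.enroll("alice", "1234", DEMO_SEED)
    now = int(time.time())
    print("first login accepted:", mgr.verify("alice", "1234" + token_code(DEMO_SEED, now), now))
    print("replayed passcode accepted:", mgr.verify("alice", "1234" + token_code(DEMO_SEED, now), now))
```

Both factors are evaluated on every attempt and the caller sees only accept or deny, so a failed login does not reveal whether the PIN or the token code was wrong. The `used_counters` set is what gives the replay protection mentioned later in the article: a passcode that was observed and accepted once cannot be submitted again within its validity window.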

RSA SecurID vulnerabilities

RSA SecurID is a big step forward in user identity security beyond just using passwords, especially with the evolution of zero-trust security frameworks, but vulnerabilities still exist. These are some of the most common vulnerabilities:

  • The simplest vulnerability occurs if a key device or a trusted personal device with the integrated key function is stolen. This automatically gives an attacker access to at least one factor of authentication. If a hacker is able to access the algorithm that generates the token number on the authenticator, the token from the authenticator becomes worthless. 
  • Token codes, whether they are hardware or software, can be as easy for attackers to steal as a password. MFA that uses only a combination of passwords and tokens remains extremely vulnerable.
  • RSA SecurID offers protection against password replay attacks but can’t prevent all man-in-the-middle (MITM) attacks. This term refers to a malicious actor who is able to eavesdrop on the communication between a user and a network resource or to completely impersonate one of the parties. They can then use the information gained from these communications to bypass authentication.

Social engineering practices are a common vulnerability that many people face every day. Phishing, often via email or instant messaging, can deceive users into revealing details, such as passwords or answers to security questions.

RSA SecurID was the target of a network breach in March 2011. The hack led to attacks on RSA clients (the end users), including military contractor Lockheed Martin. Later that year, L-3 Communications was another victim of an attempted attack through the RSA SecurID system.

NOTE: This story was reviewed and updated in December 2021 by Ali Azhar.

Vangie Beal
Vangie Beal is a freelance business and technology writer covering Internet technologies and online business since the late '90s.
