Successful enterprises are beginning to reject existing user ID and password systems and are turning to cohesive and stronger authentication solutions. Deployment of multi-factor authentication such as smartcards, one-time password tokens, biometrics, Public Key Infrastructure (PKI), and USB tokens is increasing.

These methods dramatically increase the trust associated with identification by raising the level of security. Although all are better than diverse user name and password systems, they each differ in cost, ease-of-deployment, user satisfaction, and flexibility.

Better user identity management and security can be obtained from authentication methods that add a hardware component (something you have), to a password system (something you know), to a biometric (something you are). The hardware component can include smartcards, one-time password tokens, Public Key Infrastructure (PKI) certificates, and USB tokens. To be authenticated, a user must have the hardware and know a password, and all of these components must match with a software IT authentication system used by all entry points to a given system.

Better user identity management and security can be obtained from authentication methods that add a hardware component (something you have), to a password system (something you know), to a biometric (something you are). The hardware component can include smartcards, one-time password tokens, Public Key Infrastructure (PKI) certificates, and USB tokens. To be authenticated, a user must have the hardware and know a password, and all of these components must match with a software IT authentication system used by all entry points to a given system.

The use of a second or third factor greatly improves the assurance of the authentication system. Without this additional element, access to an application or network is not possible. Should the hardware component be missing, it can be identified quickly by the system administrator; however, if a password is stolen no one would be the wiser until after an unauthorized access to the system. With only one device that equates to an individual, it also eliminates the possibility that multiple users will use a single password.

Previously, businesses only had to worry about controlling access to desktops or closed networks, but this is changing rapidly as highlighted by a security engineer, "Contractors, suppliers, and partners have been granted access to our network so we need to know exactly who is on the network and we need to be able to watch what they access. Strong authentication is what we needed and tokens provide that extra level of protection."