An extra touch of security
- By Michelle Speir
- Apr 16, 2001
In simpler times, death and taxes may have been the only certainties in life, but today's information technology managers might add computer security threats to the list.
With security issues here to stay, one of the current challenges facing vendors is how to provide effective security while limiting intrusiveness and maintaining ease of use.
Biometrics — identifying users by their physical or behavioral characteristics — has emerged as a viable security option for both computer and physical access. When choosing a biometric authentication method, IT managers must weigh four factors: accuracy, cost, ease of use and perceived intrusiveness. Some high-security environments might warrant a system that is costly and somewhat cumbersome, but in other cases, an agency might want to add protection without installing extra hardware or spending a lot of money.
Net Nanny Software International Inc. has developed a unique biometric product perfectly suited to the latter situation. BioPassword LogOn for Windows NT is client/server software that blends seamlessly with Microsoft Corp. Windows NT networks, requires no extra hardware and is quite affordable.
BioPassword LogOn uses keystroke dynamics — a measurement of the rhythm and speed of a person's typing — to confirm a user's identity. It uses behavioral biometric data rather than physiological biometric data, which is a reading of static traits such as an iris or fingerprint patterns.
Behavioral biometrics are generally not as accurate as physiological biometrics, but they are still a viable means of security, especially when combined with other methods.
Installing BioPassword LogOn couldn't be easier. Both the server and client modules are installed from the same CD-ROM and even use the same wizard-guided setup file. We completed the installation on our server and one client in less than 10 minutes.
To enroll, a user types his or her user name and password 10 to 20 times. The system default is 15 times, which is what we used.
After completing the one-time enrollment process, a user simply logs in as usual. Behind the scenes, BioPassword LogOn compares the typing rhythm to the user's stored biometric template. If the templates match, access is granted.
BioPassword LogOn security levels can be individually set for each registered user. The default is level three, which we found to work well. If the level is set too low, the system accepts anyone, and if it's set too high, it can reject legitimate users.
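The enrollment, matching and security-level trade-off described above, as an added example that is not Net Nanny's code. The review does not describe BioPassword's algorithm, so the scaled Manhattan distance scoring, the level thresholds and the timing data here are all assumptions constructed for illustration.

```python
from statistics import mean

# Assumed mapping of security level -> highest acceptable distance score.
# Higher level = stricter. Illustrative values, not BioPassword's.
LEVEL_THRESHOLDS = {1: 4.0, 2: 3.0, 3: 2.2, 4: 1.6, 5: 1.2}

def enroll(samples):
    """Build a template: per-key mean and mean absolute deviation (ms)."""
    if not 10 <= len(samples) <= 20:
        raise ValueError("enrollment takes 10 to 20 typed samples")
    if len({len(s) for s in samples}) != 1:
        raise ValueError("every sample must contain the same number of timings")
    columns = list(zip(*samples))
    means = [mean(c) for c in columns]
    # Floor the deviation so an unusually steady key cannot cause a huge score.
    devs = [max(mean(abs(v - m) for v in c), 1.0) for c, m in zip(columns, means)]
    return means, devs

def score(template, attempt):
    """Scaled Manhattan distance: 0 is a perfect match, larger is worse."""
    means, devs = template
    if len(attempt) != len(means):
        return float("inf")  # a different number of keystrokes cannot match
    return mean(abs(a - m) / d for a, m, d in zip(attempt, means, devs))

def verify(template, attempt, level=3):
    """Accept only when the typing rhythm is within the level's threshold."""
    return score(template, attempt) <= LEVEL_THRESHOLDS[level]

# Constructed data: key hold times (ms) for an eight-character password.
BASE = [95, 110, 80, 130, 90, 105, 85, 120]
JITTER = [-6, -3, 0, 3, 6]

def shifted(offsets):
    return [b + o for b, o in zip(BASE, offsets)]

def constructed_enrollment(count=15):
    return [[b + JITTER[(i + j) % 5] for j, b in enumerate(BASE)] for i in range(count)]

TEMPLATE = enroll(constructed_enrollment())
OWNER = shifted([4, -2, 5, -3, 2, -4, 3, -1])              # normal login
OWNER_OFF_DAY = shifted([7, -7, 7, -7, 7, -7, 7, -7])      # same user, unsteady
LOOKALIKE = shifted([12, -12, 12, -12, 12, -12, 12, -12])  # knows the password

if __name__ == "__main__":
    for name, attempt in [("owner", OWNER), ("off day", OWNER_OFF_DAY), ("lookalike", LOOKALIKE)]:
        results = {lvl: verify(TEMPLATE, attempt, lvl) for lvl in LEVEL_THRESHOLDS}
        print(f"{name:10s} score={score(TEMPLATE, attempt):.2f} {results}")
```

With this data the unsteady owner passes at level three but is rejected at levels four and five, while the similar-rhythm typist is accepted only at level one, which is the false-reject and false-accept trade-off the security level controls.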
Net Nanny recommends eight-character user names and passwords for optimal security, and our testing proved this to be sound advice. In one case, we were able to foil the system even with a seven-character user name and password, with the user set to security level five. However, keep in mind that an imposter would first have to know the user's password for this to happen.
Using the BioPassword Utility on the server, administrators can disable the program on individual workstations when a user is unable to type normally for any reason, such as a hand injury. Users must still log in with the correct user name and password so the workstation remains protected.
BioPassword LogOn is an effective extra layer of network security. Its standout qualities are superb convenience and low cost. If administrators follow the guidelines for character length and security level, false acceptance should not be a concern. Also, the product is not designed to be the only security on a network — all systems are still password-protected. With BioPassword, systems are even harder to crack because it would take more than simply stealing a password. Another person's keystroke dynamics are virtually impossible to imitate.
Network running Windows NT 4.0, Service Pack 5 or higher. Server: 5.1M of disk space. Client: 0.8M of disk space. All systems: at least 133 MHz Pentium II processor and 64M of RAM.