User name and password solutions are termed single-factor because you only use something that you know to access the network. Multi-factor authentication systems overcome the issues of single-factor authentication by a combination of requirements, including:
-
Something the user knows, such as a password or personal identification number (PIN).
-
Something the user has, such as a hardware token or smart card.
-
Something the user is, such as a fingerprint or retina scan.
Smart cards and their associated PINs are an increasingly popular, reliable, and cost-effective form of two-factor authentication. Users must have their smart cards and know the PINs to gain access to network resources. The two-factor requirement significantly reduces the likelihood of unauthorized access to your organization’s network.
Check out this article on how to enable smart card authentication for VPN connections over at:
http://technet.microsoft.com/en-us/library/cc875840.aspx
HTH,
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP – Forefront Edge Security (ISA/TMG/IAG)