Alternative to Floppy Disk Authentication for Client-Server Non-Web System?
May 13, 2004 3:01 PM Subscribe
Looking for advice for replacing the floppy disk as an authentication factor for logging onto a client-server non web-based system. Anyone have any bright ideas? [Details within]
Currently, we are using floppy disks to store Entrust (PKI) information that users must have in order to access the system (an older system and architecture written in C++, I think). I want to ditch the floppy, but can't think of a better alternative. Anything else, it seems to me, would require a drive letter, and the application would have to search through all the drives in order to find the user's file, adding time to the login. Also, it would be nice to limit the types of media users could access the system with (as in, no iPods and the such). Only real limit is that the file cannot be local, as in residing on the PC, and that the application requires write access to the file, so no CD's. Does anyone have experience with this sort of thing? Any brilliant ideas spring to mind? Any help would be greatly appreciated!
Currently, we are using floppy disks to store Entrust (PKI) information that users must have in order to access the system (an older system and architecture written in C++, I think). I want to ditch the floppy, but can't think of a better alternative. Anything else, it seems to me, would require a drive letter, and the application would have to search through all the drives in order to find the user's file, adding time to the login. Also, it would be nice to limit the types of media users could access the system with (as in, no iPods and the such). Only real limit is that the file cannot be local, as in residing on the PC, and that the application requires write access to the file, so no CD's. Does anyone have experience with this sort of thing? Any brilliant ideas spring to mind? Any help would be greatly appreciated!
Smartcards?
I don't understand why you aren't considering them. Is it the cost?
posted by blindcarboncopy at 3:32 PM on May 13, 2004
I don't understand why you aren't considering them. Is it the cost?
posted by blindcarboncopy at 3:32 PM on May 13, 2004
Does it have to be an actual file? A friend of mine runs a company that provides cell phone recharge card vending machines and they use a system where everyone who needs admin access to the machines carries a small receiver which is sent a new validation number every 5 minutes or so, which they need to use to log in. No idea where they come from or anything else about them, but I could probably find out if nobody else has heard of it and it sounds like a possibility. Otherwise, I would second the USB drive idea.
Why do you feel a need to ditch using the floppy? Is it because of non-availability of floppy drives in new PCs?
posted by dg at 3:45 PM on May 13, 2004
Why do you feel a need to ditch using the floppy? Is it because of non-availability of floppy drives in new PCs?
posted by dg at 3:45 PM on May 13, 2004
usb drives is the obvious answer, although you'll probably still have to work with the issue with the drive letters. most hidden media types (e.g. not barcodes) are drive based. CD Business cards; usb pen drives; floppy disks all fall into this category.
I think you're worrying too much about searching through the drives. If you've got access to the code, then you can specify that only the root folder of local drives (excluding A & B) get searched. This should be pretty quick. Local Hard disks will get searched in milliseconds.
Hope that makes sense. Bottle of wine typing fluency kicking in.
posted by seanyboy at 4:10 PM on May 13, 2004
I think you're worrying too much about searching through the drives. If you've got access to the code, then you can specify that only the root folder of local drives (excluding A & B) get searched. This should be pretty quick. Local Hard disks will get searched in milliseconds.
Hope that makes sense. Bottle of wine typing fluency kicking in.
posted by seanyboy at 4:10 PM on May 13, 2004
ditto on the smartcard thing. gemplus make cards and cheap readers (i guess a bunch of other people do too - gemplus is just what i've used).
posted by andrew cooke at 4:45 PM on May 13, 2004
posted by andrew cooke at 4:45 PM on May 13, 2004
Response by poster: Good ideas thanks!
I guess I could have been more detailed in my question, cost is definitely a factor, as well as the PC configuration of the end users. Smart cards would be ideal, but for the cost and compatibility issues (we're talking lots of Widows 98 and NT users). USB has the same issues with compatibility in my mind, but that's a good tip about only searching the root drive.
It does have to be an actual file that is accessed (actually a series of them, 6 or so) and written back to, which I think eliminates ibutton, but I'll give that a second look, thanks.
The other issue is that the functions that users are performing with the floppy's are extremely time sensitive, making the floppy ideal. You lose it, or it gets corrupted and you pop in another. Not so fun with USB devices, etc.
And yeah, this is because of new PC's that aren't being shipped with floppy drives. The problem (for me at least) is that the phasing out of floppy drives is so gradual that it's really annoying to address fully and completely in one fell swoop.
Thanks again!
posted by loquax at 6:52 PM on May 13, 2004
I guess I could have been more detailed in my question, cost is definitely a factor, as well as the PC configuration of the end users. Smart cards would be ideal, but for the cost and compatibility issues (we're talking lots of Widows 98 and NT users). USB has the same issues with compatibility in my mind, but that's a good tip about only searching the root drive.
It does have to be an actual file that is accessed (actually a series of them, 6 or so) and written back to, which I think eliminates ibutton, but I'll give that a second look, thanks.
The other issue is that the functions that users are performing with the floppy's are extremely time sensitive, making the floppy ideal. You lose it, or it gets corrupted and you pop in another. Not so fun with USB devices, etc.
And yeah, this is because of new PC's that aren't being shipped with floppy drives. The problem (for me at least) is that the phasing out of floppy drives is so gradual that it's really annoying to address fully and completely in one fell swoop.
Thanks again!
posted by loquax at 6:52 PM on May 13, 2004
You may also consider USB dongles; I whipped up a licensing solution for a customer a few months ago, and USB dongles worked like a charm. I used Rockey; the C++/C/VB interface was simple enough, no drive letters required and they are only a few bucks each if you buy more than a few of them at a time. Extra goodness: they are writeable, have usage counters, and since they are proper USB devices they can be chained together. And they're tiny. Not a plug, just a happy developer.
posted by costas at 7:16 PM on May 13, 2004
posted by costas at 7:16 PM on May 13, 2004
The USB ideas seem ideal, but I was under the impression the WinNT didn't support USB? You'll need to check on that if you go this route.
posted by thatwhichfalls at 4:20 AM on May 14, 2004
posted by thatwhichfalls at 4:20 AM on May 14, 2004
This thread is closed to new comments.
posted by banished at 3:16 PM on May 13, 2004