Intel beefs up online security with two-step logins

Posted on
Follow up on this and other innovations at Intel's Cloud Computing Technology portal and learn about the emergence of new cloud-based solutions.

As people grow more comfortable with storing information in the cloud, it's becoming increasingly important to make sure such data is kept away from prying eyes. Usernames and passwords are generally okay for most services -- as long as you use a strong password, of course -- but they don't provide ample protection and are susceptible to phishing and social engineering tricks. What is needed is a way to more clearly tie a user's identity to a trusted device.

One popular method businesses employ today is two-step authentication procedures, where users are required to type in a special, short-lived code in addition to their normal password to get into their accounts. This special code is generated on the spot by a physical 'token' that usually comes in the form of a key fob, smart card or USB stick.

Physical tokens are used by many Fortune 500 companies, but the problem with this approach is that it can be rather expensive to maintain when there are hundreds of employees and partners involved. In addition, if the algorithms behind the tokens are ever compromised it can take months to recode and replace them. To address these challenges, Intel has developed a solution that promises to be seamless for users and more cost effective for organizations.

Intel's Identity Protection Technology (IPT) is built into select 2nd generation Intel Core processor-based PCs. In essence, IPT adds a hardware layer of security while eliminating the need to carry around or attach a security device to your computer. Here's how it works:

When you access an Intel IPT-enabled website, you will be prompted to "register" your PC on that site. On subsequent logins, you simply enter your username and password and behind the scenes the PC generates a unique six-digit code from an embedded processor on the computer's motherboard, which gets validated by the website.

This embedded processor, known as Manageability Engine (ME), is a controlled area of the chipset that is tamper-proof and operates in isolation from the operating system for added security. Algorithms developed by Intel partners, such as Vasco and VeriSign, run in the ME performing the operations that link the computer to a validated site.

Intel says more than 1,000 websites now support IPT-enabled computers, including eBay and PayPal, and the company is actively working with partners to expand that number. They've also provided a guide of all notebooks and desktops from the likes of Lenovo, Dell, HP, Toshiba and Sony that currently support this technology.

This sponsored post is brought to you by Intel. Follow up on this and other innovations at Intel's Cloud Computing Technology portal and learn about the emergence of new cloud-based solutions.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.