Microsoft drops SecurID, saying Vista aims for authentication openness

Published 9 May 2006

Microsoft says it decided against supporting SecurID authentication because it did not to offer support for only one system; industry insiders say the decision was more the result of time pressures

Windows Vista will include a framework designed to offer better support for third-party multi-factor authentication systems, rather than native support for any one system, Microsoft said last week. Some industry observers dismissed the company’s rhetoric about competition and openness, saying the planned native support for RSA’s SecurID tokens had simply fallen victim to time pressures, like numerous other ambitious schemes originally intended for Vista.

Microsft said the reason for the reason SecurID was no longer planned for Vista was that most customers told the company they did not view one-time passwords as strategic, and that they were looking long term to smart cards as their preferred strong authentication mechanism. SecurID support was announced in 2004, at a time of growing interest in two-factor authentication. Such authentication combines an account password with another factor such as a smart card, USB token, or a one-time password. SecurID for Windows, announced in February 2004, envisioned a hand-held token which would have allowed users to log on to Windows 2000 and XP machines using a one-time password, without requiring a connection to an RSA server to authenticate the user.

Microsoft now say it wants to foster competition around multi-factor authentication rather than support any one scheme. Vista will introduce a new model for adding authentication methods, simplifying integration, according to the company.