RSA has announced the launch of ‘credential protection' to randomise passwords into two separate locations.
According to the company. RSA Distributed Credential Protection randomises and splits sensitive information into two servers and helps eliminate a primary point of compromise.
It said that it is engineered to scramble, randomise and split secrets and authentication credentials into two separate locations, while designed to work alongside existing password protection software. It also said it is built to reduce the likelihood of successful ‘smash-and-grab' attacks on password servers, as even if an attacker compromises one of the two servers used to store the scrambled and split credential data, the information gained would be useless.
Dan Schiappa, senior vice president of identity and data protection at RSA, said: “This technology offers a unique way to truly protect bulk data stores of passwords, secrets and other credentials from even highly sophisticated attacks.
“This new approach to credential protection will be a game-changer for organisations responsible for the security of very large numbers of end-user access credentials.”