AOL Unveils 2-Factor Authentication Service

Jeff Berg
NEW YORK — America Online unveiled a new two-tiered security system that employs an electronic device which changes passwords every minute.

Targeted at small business owners or users who pay their bills primarily through AOL accounts, the new service uses a pager-sized device created by RSA Security Inc. to display six-digit codes that change every minute. Users are required to read the code off the device and input it in order to access e-mail, calendars, stock portfolios and AOL’s Bill Pay.

“Identity theft, phishing and malware are proving that passwords are woefully inadequate for protecting sensitive information online,” said Art Coviello, president and CEO of RSA Security. “This is shaking the confidence of individuals and organizations using the internet.”

Two-factor authentication attempts to correct the problem by working like an electronic safety box. Services can only be unlocked after users provide both their own individually selected password and a second method of authentication that is more difficult to compromise.

Current methods used to in two-factor authentication range from password lists to biometric scanners.

The new service is the first movement of two-factor authentication systems to the mainstream market and comes on the heels of a recent survey conducted in Britain’s Liverpool Street Station, where 71 percent of office workers were willing to trade their password for a chocolate bar.

Analysts from Gartner predict that only a small portion of AOL users will take advantage of the situation, but that the new service will cause other service providers to take the system more seriously.

“You have to start somewhere,” said Gartner analyst Avivah Litan.

The new AOL service will cost a one-time fee of $9.95 and an additional $1.95 each month.