PIN code for tokens: password with special rules. Hardware authentication based on USB keys for Windows XP - Pokrokova kerivnitstvo Format key token alpha bank

Saving keys on hardware keys (Kaztoken, eToken) increases the security of saving and maintaining the organization's digital digital signature:

  • Save the digital digital signature from these devices and copy it below from your PC
  • When spending a token, Wikoristannya EDS password stolen

For the use of eToken devices, the organization is to blame EDS keys.

Statti:

Installing EDS keys on the eToken device (video lesson)

Installing a digital digital signature on the eToken carries some nuances (verified as of spring 2015).

The device eToken, at the first time before writing to a new key, requires the obligatory change of the password for the first time (1234567890) to a larger one, only after which it is possible to write EDS keys to the device. Therefore, if you simply insert a new eToken device into your PC and try installing certificates through the NCA website, after the installation is completed you will see a notification about the renewal of the installed certificates.

You will have to install the program that controls the eToken device, reinitialize the device by checking the box to change the password before using the password.

And as for the NUC website, you can write keys to a token, only the password for the eToken is 1234567890 (for other passwords, again, after installing the key recording option), in the program that controls, the password is installed 1 234567890, having previously checked the box about vimoga smoothly.

After these operations, you can successfully record the EDS keys on your eToken.

Cleaning your eToken (video tutorial)

Fixing the problem More than one RSA key has been detected

If you do not clear the eToken before installing new keys, the installation through the NCA website will be successful, but if you try to log in to the IS Treasury Client portal, you will be greeted with the following warning: More than one RSA key has been detected:

The most serious problem with this problem will be to use the InfoToken() utility and format the device for help. After which you have to write the keys to the token again.

Pleased to our reader: You can try to delete private keys using TumarCSP.

Author's view:

Once the problem has been resolved, one of the ways to say “Thank you” to the author is indicated.

If the problem has not been solved, but additional food has appeared, they can be supplied to our group.

Or, hurry up with our service “” by entrusting the most important problems to the fakhivts.

If you have entered the wrong password more than once, your eToken may be blocked.
To unblock eToken, you need to enter the dates described below, as well as the dates sent to the book due to memory consumption, in a friendly way.

I forgot my etoken password, what's wrong?

We are all people, we all have our own problems and troubles, speeches often float from memory, which we do not often use, such a speech could be for a koristuvach etoken, a red or a blue flash drive. Don’t get embarrassed, everything can be corrected.

Launch the eToken PKI Client program (install the program if required)

Select eToken reader, then press "Show detailed view"

Click on the button "Login with administrator rights"

Enter the Administrator password, and then press " OK" . For promotions on eToken, you may need to set the administrator password 0987654321

If the administrator password is entered correctly, a notification may appear "Wikonano login with Administrator rights"

Then press the button "Install the koristuvach password"

Enter a new password and press " OK" (We strongly recommend that you enter a password for registration 1234567890 ), so you definitely don’t forget.

"Until 2008, the number of corrupted USB keys will approach the number of other authentication methods"
IDC 2004 r_k

Enter

Nowadays, in connection with the wide spread of computers, it is increasingly necessary to worry about the security of the information that is stored. The first step of the secured security is the authentication of the legitimate merchant.
Most often, a password is used as an authentication method. Moreover, more than 60% of users, as practice shows, most often use the same passwords to different systems. It’s not good to say that this significantly reduces the level of security. What is it timid?
In my opinion, one of the options for solving the problem would be the replacement of hardware authentication keys. Let's take a look at their presentation of the report on the example of USB keys from the Aladdin company.

What is eToken?

eToken (Fig. 1) is a personal device for authentication and data saving, which hardware supports the work with digital certificates and electronic digital signature(EDS). eToken is issued by:

  • eToken PRO is a USB key that allows for two-factor authentication. Available in 32K and 64K versions.
  • eToken NG-OTP is a hybrid USB key and device that generates One Time Password (OTP). Available in 32K and 64K versions.
  • The eToken PRO smart card is a device that has the same functions as a USB key, but is also in the form of a basic credit card. Available in 32K and 64K versions.

Below we are talking about USB keys, which are connected directly to the computer’s USB port and, when administrated as a smart card, do not require a special reader.
eToken has secure non-volatile memory and is used to store passwords, certificates and other sensitive data.

Malyunok 1 eToken Pro 64k

eToken device

eToken PRO technology components:

  • Smart card chip Infineon SLE66CX322P or SLE66CX642P (EEPROM capacity 32 or 64 KB per line);
  • Smart card OS Siemens CardOS V4.2;
  • Algorithms implemented in hardware: RSA 1024bit, DES, Triple-DES 168bit, SHA-1, MAC, Retail-MAC, HMAC-SHA1;
  • Hardware vibration sensor;
  • USB controller interface;
  • Dzherelo zhivlennya;
  • The case is made of hard plastic, which is not susceptible to cracking.

The eToken NG-OTP device additionally includes the following components:

  • One-time password generator;
  • Button for current generation;
  • RK display;

Interface support:

  • Microsoft CryptoAPI;
  • PKCS#11.

PIN code

To revoke access to the data stored in the eToken's memory, you must enter a PIN code (Personal Identification Number). It is not recommended to use passwords and Russian letters for the PIN code. In this case, the PIN code must comply with the security criteria set in the file %systemroot%\system32\etcpass.ini.
Editing the file to match the criteria for the PIN code can be done using the eToken Properties utility.

Access rights to eToken

Depending on the eToken model and the parameters selected during formatting, you can see the following types of access rights to the eToken:

  • guest- Ability to review objects in the open memory area; It is possible to extract hidden information from the system memory area using eToken, which includes the eToken name, identifiers and other parameters. With guest access, knowing the PIN code is not obligatory;
  • Koristuvalnytskyi– the right to review, change and delete objects in closed, open and open memory areas; the ability to recover hidden information using eToken; the right to change the PIN code and rename the eToken; the right to configure caching parameters instead of a private memory area additional zakhist private keys password (subject to the administrator’s password or with the permission of the administrator), the right to view and view remote certificates in the eToken and RSA key containers;
  • administrative- the right to change the PIN code of a customer without knowing it; the right to change the administrator password; the right to configure caching parameters instead of a private memory area and the additional protection of private keys with a password, as well as the ability to work with settings available in the client mode;
  • Initialization– the right to format eToken PRO.

Before eToken R2, only the first two types of rights are granted, before eToken PRO and eToken NG-OTP – all of them.
Administrator access to eToken PRO can only be achieved after the administrator password has been entered correctly. If the administrator password is not formatted during the process, you cannot log in with administrator rights.

Software for eToken

Zagalnye Vidomosti

eToken Run Time Environment 3.65
eToken Run Time Environment (eToken RTE) – set of eToken drivers. The software package includes the “Power eToken” utility (eToken Properties).
For additional help from this utility, you can:

  • configure the parameters of eToken and your drivers;
  • review hidden information about eToken;
  • Import, review and delete certificates (besides certificates from the eTokenEx storage) and RSA key containers;
  • format eToken PRO and eToken NG-OTP;
  • adjust the criteria for the strength of PIN codes.

To install software security, local administrator rights are required. Please remember that you cannot connect the eToken key until the eToken RTE is installed.
Installation of software security must be carried out in the following order:

  • eToken RTE 3.65;
  • eToken RTE 3.65 RUI (Russification of the interface);
  • eToken RTX.

Installation and installation on your local computer eToken RTE 3.65

Installed


Malyunok 2 eToken Run Time Environment 3.65 Setup

In the window (Fig. 3), you must read the license agreement and follow it.


Figure 3 End-User License Agreement

If you do not agree with the licensed property, then click the “Cancel” button and thereby interrupt the installation process.
If you are happy with the license agreement, select “I accept the license agreement” and click the “Next” button. On the screen you will see a new window (Fig. 4):


Malyunok 4 Ready to Install the Application

Installation will take about an hour.
After completing the installation process (Fig. 5), click the Finish button.


Figure 5 eToken Run Time Environment 3.65 has been successfully installed
For example, during installation, you may need to restart your computer.

eToken RTE 3.65 RUI

Installed
To install eToken RTE 3.65 RUI, you must run the installation program.


Malyunok 6 Installation of eToken 3.65 RUI
At the window (small 6) press the "Next" button.


Figure 7 Complete installation of Russian User Interface

Command row wiki

To install the eToken RTE 3.65, eToken RTE 3.65 RUI and eToken RTX views, you can use the command row.
Apply commands:

  • msiexec /qn /i
  • msiexec /qb /i
  • /q– installation of eToken RTE 3.65 (eToken RTE 3.65 RUI, eToken RTX) in automatic mode without dialog boxes with parameters;
  • /qb– installation of eToken RTE 3.65 (eToken RTE 3.65 RUI, eToken RTX) in automatic mode with parameters for washing and displaying the installation process on the screen;
  • msiexec /qn /x- View eToken RTE 3.65 (eToken RTE 3.65 RUI, eToken RTX) in automatic mode without dialog windows;
  • msiexec /qb /x– display of eToken RTE 3.65 (eToken RTE 3.65 RUI, eToken RTX) in automatic mode with the process displayed on the screen.

First connect the eToken USB key to your computer

If eToken RTE 3.65 is installed on your computer, connect the eToken to the USB port or to the cable underneath. After this, the process of acquiring a new possession will begin, which can take many hours. Once the process of registering a new possession on the eToken is completed, the light indicator will light up.

Utility "Power eToken"


Malyunok 8 Vikno program "Power eToken"

The "eToken Power" utility allows you to perform basic operations with tokens, such as changing passwords, reviewing information and certificates located in the eToken memory. In addition, with the help of the eToken Power utility, you can quickly and easily transfer certificates between your computer and eToken, as well as import keys into the eToken memory.
The "Unblock" button is required if the customer has forgotten his PIN code and cannot reach the eToken administrator (for example, the customer is located at a representative). By returning to the administrator by e-mail, customers can retrieve the hexadecimal entry for which eToken from the administrator, forming data on the data base that is saved in the TMS database by entering it in the “correspondence from” field Allows access to change the PIN code.


Malyunok 9 Computer tab

Changing the PIN code can be done as shown in Fig. 10:


Figure 10 Changing the PIN code
When changing the PIN code, it is necessary for the new PIN code to match the entered password. The strength of the password is checked every time before the criteria are entered.
To check the validity of the password against the selected criteria, enter the password in the row. Below this information is displayed in a row about the reasons why the entered password does not match the selected criteria in the panels, and also graphically in the panels it is intelligently displayed whether the entered password matches the selected criteria.

Change of criteria

The table shows the criteria for the PIN code and their values ​​that are being configured. As the value of the criterion can be determined by a negative value, it is expressed in hundreds. This value is called a fine.

Criterion

Description

Possible meanings

Significance for zamovchuvannyam

PIN code arrange the sequence of characters in alphabetical order

doubling the sequence of characters for the ABCOrder criterion

the new password is the same as the current one

password for the dictionary

the new password is higher than the previous one

DefaultPassChange

changing the password that was accepted for default

None (password change is not required);
Warning (displays warnings about previous events);
Enforce

dictionary file

absolute way to the dictionary file

not specified

password is more than 3 digits

the presence of two new symbols

terminology before the appearance of the warning about the need for change (today)

maximum term in days

0
(not insertions)

KeyboardProximity

the presence of certain characters in the same order as the keyboard

KeyboardProximityBase

double the sequence of characters for the KeyboardProximity criterion

password similar to the password from the dictionary

minimum term of action in days

0
(not insertions)

minimum deposit for symbols

minimum durability in hundreds

Number of numbers

Number of small letters

selection of letters of the Russian alphabet, common and other service symbols

Variety of division marks and service symbols

The number of great writers

PhonesandSerialNumbers

search for phone number passwords, serial numbers, etc.

the presence of symbols that are repeated

a number of previously known passwords that are stored in the eToken memory for verification using the CheckOld-Passes criterion

password length less than WarningLength

Since the password requirement is less than the WarningLength, when you change the password, there is an advance

password to remove symbols and pass

Dictionary

To create a list of unacceptable or unnecessary passwords, create a text file. Or you can quickly use the so-called frequency dictionaries, like using wikis to select passwords. Files of such dictionaries can be obtained from the website www.passwords.ru.
An example of such a dictionary:
anna
annette
bill
password
william
Assign the criterion "Dictionary" to the created file. When you go to the dictionary file on your computer, it may match the values ​​of the Dictionary criterion.

Login to Windows for additional eToken

Zagalnye Vidomosti

eToken SecurLogon provides effective security of your network due to ease of use and mobility. At the time of authentication with Windows, the username and password that are stored in the eToken memory are verified. This makes it possible to implement strong token-based authentication.
At the same time, I would like to add that for great companies that develop a domain structure, it is necessary to think about introducing PKI and centralizing SmartCardLogon.
If you use eToken SecurLogon, you may be stuck with your passwords, which are not known to anyone. In addition, the ability to use multiple certificates stored in eToken memory for smart card-based registration has been transferred, further enhancing the security of login to Windows.
This is possible because Windows 2000/XP allows you to use different access mechanisms, which replace the authentication method with authentication. The identification and authentication mechanisms of the Windows logon service (winlogon), which ensures interactive registration in the system, are embedded in a library (DLL), which is replaced dynamically, called GINA ( Graphical Identification and Authentication, authentication desktop). If the system requires a different authentication method, replacing the "user name/password" mechanism (check with Wikoryst) for the standard msgina.dll, replace it with a new library.
When eToken SecurLogon is installed, the authentication desktop library is replaced and new registry settings are created. GINA is responsible for the policy of interactive connection and the current identification and dialogue with the client. Replacing the desktop authentication library makes eToken the main authentication mechanism, which expands the capabilities of standard Windows 2000/XP authentication, based on a fixed core name Please remember the password.
Customers can independently record information required for Windows login (profiles) into the eToken memory, as permitted by the business security policy.
Profiles can be created with the help of eToken profile creation master Windows Log on.

Getting to work

eToken SecurLogon authenticates koristuvacha Windows 2000/XP/2003 for the additional eToken, the cardholder's certificate and smart card, or the cardholder's name and password, which are stored in the eToken memory. eToken RTE includes all the necessary files and drivers to ensure eToken support in eToken Windows Logon.

Minimal benefits

Installation of eToken Windows Logon:

  • eToken Runtime Environment (versions 3.65 or 3.65) may be installed on all workstations;
  • eToken SecurLogon can be installed on a computer running Windows 2000 (SP4), Windows XP (SP2) or Windows 2003 (SP1). eToken SecurLogon encourages classic dialogue Windows privacy(or not new screen Privitannaya Windows XP) and does not support the fast change mode of the customer for Windows XP.

Supported tokens

eToken SecurLogon supports the following eToken devices:

  • eToken PRO is a USB key that allows for two-factor authentication. Available in 32K and 64K versions;
  • eToken NG-OTP is a hybrid USB key and device that generates one-time passwords. Available in 32K and 64K versions;
  • eToken PRO smart card is a device that has the same functions as a USB key, and is also in the form of a basic credit card. Available in 32K and 64K versions.

eToken Runtime Environment (RTE)

eToken Runtime Environment (RTE) contains all files and drivers to ensure eToken support for eToken Windows Logon. This set also includes the eToken Properties utility, which allows you to easily manage your PIN code and eToken names.
All new eTokens require the same PIN code to be installed at the time of generation. This PIN code is 1234567890. To ensure security, two-factor authentication and new functionality The customer is obligated to replace the PIN code with a new PIN code immediately after issuing a new eToken.
Important:The PIN code is not confused with the koristuvach password Windows .

Installed

In order to installeTokenWindowsLogon:

  • Log out of the system as a customer with administrator rights;
  • double click SecurLogon - 2.0.0.55.msi;
  • open the eToken SecurLogon installation wizard window (Fig. 11);
  • press the button " Next", show up as a licensed eToken Enterprise;
  • read please, press " Iaccept"(I accept), and then the button " Next";
  • At the end of the installation, re-installation is carried out.


Malyunok 11 Installation of SecurLogon


Installation of additional command line:
eToken SecurLogon can be installed following the command line:
msiexec /Option [non-language option]
Installation parameters:

  • - Installation or adjustment of the product;
  • /a - administrative installation - installation of the product in a limited manner;
  • /j

Gobsmacked about the product:

      • “m” – to all koristuvachs;
      • "u" – in-line koristuvachevi;
  • - Installation of the product.

Image parameters:

  • /quiet - quiet mode, without interaction with the client;
  • /passive – automatic mode – only a viconic indicator;
  • /q - Select the level of the client interface;
      • n – without interface;
      • b – main interface;
      • r – shortcut interface;
      • f – new interface (behind the scenes);
  • /help – displays the results of the search.

Restart options

  • /norestart – do not restart after installation is complete;
  • /promptrestart – prompt reinstallation as necessary;
  • /forcerestart – start the computer again after the installation is completed.

Logging options
/l;

  • i – information about the camp;
  • w – information about the cancellation of pardons;
  • e – all information about amends;
  • a – launches of actions;
  • r - entries specific to the activity;
  • u – zapiti koristuvach;
  • c – corn cob parameters;
  • m – information about the exit through the marriage of memory or non-excessive remembrance;
  • o – notification about the lack of space on the disk;
  • p – terminal power;
  • v – reporting symbol;
  • x – additional nutritional information;
  • + – adding to the last log file;
  • ! – dropping the skin row to the magazine;
  • * – log all information, except parameters “v” and “x” /log equivalent /l* .

Update parameters:

  • /update [;Update2.msp] - updated update;
  • /uninstall [;Update2.msp] /package – allows you to update the product.

Update parameters:
/f
Product update:

    • p – more than the length of the file;
    • o – whether the file is daily or installations old version(for cleaning);
    • e – if the file is new or the same or old version is installed;
    • d – if the file is old or a different version is installed;;
    • c – if the file is daily or the control amount is not reduced due to the secured values;
    • a – clicks to reinstall all files;
    • u – all necessary elements of the registry, specific to the account manager (according to the rules);
    • m – all necessary registry elements specific to the computer (as defined);
    • s – all necessary labels (for washing);
    • v – launch from Geral with repeated caching of local packages;

Adjustment of the underworld authorities:
Return to the list of Windows (R) Installer products additional statements shodo vikoristannya command line.

Automatic password generation.

When recording the client's profile in the eToken memory, the password can be generated automatically or entered manually. With automatic generation, a longer password is generated, up to 128 characters. If you do not know your password, you will not be able to log in without the eToken key. Vimoga vikoristannya or the automatically generated passwords can be adjusted as obov'yazkova.

Wikoristannya eToken SecurLogon

eToken SecurLogon allows users to register with Windows 2000/XP/2003 using an additional eToken with a password stored in memory.

Registration for Windows

You can register in Windows system For additional help, eToken, or by entering your username and Windows password.

To register with Windows for an additional eToken:

  1. Restore your computer;
  2. Show up in detail Windows alerts;
  3. If the eToken is already connected, click on the Logon Using eToken link. If the eToken was not connected, connect it to the USB port or cable. For any registration method, the “Log On to Windows” window will be displayed;
  4. Select a customer and enter the eToken PIN code;
  5. Click "OK". You have opened a login session using the additional details installed in the eToken memory.
  6. If you are purchasing an eToken from a merchant certificate with a smart card, you must enter the eToken PIN code to connect to your computer.

Registration inWindows withouteToken:

  1. restart your computer, press CTRL+ALT+DEL keys, the “Log On to Windows” window will appear;
  2. Click the "OK" button - you are redirected to the system using your username and password.

Change password

You can change your Windows password after logging in using eToken.
To change your password after logging in using eToken:

  1. leave the system that uses eToken;
  2. press " CTRL+ALT+DEL"Please show up" SafetyWindows/ WindowsSecurity";
  3. Press the button " Change password/ ChangePassword"If the exact password was created manually, log in " Change password/ ChangePassword", if you have the exact password for creations in a special order, go to step 5;
  4. Enter a new password in the fields " New password/ NewPassword"і" Confirmation/ ConfirmNewPassword"and press the button" OK";
  5. If the current password is created using the same method, a new password will be created automatically;
  6. In the dialog box, enter the eToken PIN code and press the button " OK"
  7. Show up with confirmation of notification.

Zakhist session koristuvach

You can use eToken to secure your work session.

Locking your workstation

You can ensure the safety of your computer without leaving the system by blocking your computer. When you enter the eToken USB port or cable (after successful registration), the operating system will automatically block your computer.

To unlock your computer:

If the computer is locked, the window appears " Blocking your computer ComputerLocked". Connect the eToken to the USB port or cable. In the window, enter the PIN code in the " field eTokenPassword"and press the button" OK- the computer is unlocked.
Note: at times pressure CTRL+ALT+DEL"If you enter a password, your computer will be unlocked without using eToken.

Vidalennya manually

In the rare event that you need to delete eToken SecurLogon manually, follow these steps:

  • re-vamp your computer and re-vamp your safe mode;
  • register as a user with administrator rights;
  • For help from the registry editor, open the section HKEY_LOCAL_MAZHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon then delete parameter " GinaDLL";
  • If you want to register your computer, Windows will pop up when you register Microsoft Windows Logon.

Elimination of hidden problems

To troubleshoot underlying problems, you may need to follow these steps:

Problem

Decision

You connected your eToken during the registration process (if the window appears) Operating systemWindows/ WelcometoWindows") or if the computer is locked (the window is displayed " Blocking your computer/ ComputerLocked"). The eToken SecurLogon window does not appear.

1. Connect all smart card connections (not including eToken) to the computer and reconnect eToken.
2. It is possible that the eToken is not recognized by the system after installing the eToken RTE. For this option, try registering manually by pressing " CTRL+ALT+DEL". Accept your eToken and check when the indicator lights up.

You connected the eToken immediately after leaving the computer in sleep or wake mode. The eToken SecurLogon window does not appear .

1. Check when the indicator lights up. Show up immediately Blocking your computer/ UnlockComputer".
2. Carry out the actions described above.

You have received an eToken after the computer has been put out of sleep or wake mode, and the computer is not blocked immediately.

Check for no more than 30 seconds until the computer is blocked.

In Windows 2000, logging out or shutting down the computer takes many hours.

Install the remaining update package.

You connected a smart card or eToken reader after the computer was turned off, and the device is not recognized.

Restart your computer after connecting the reader.

Tokens, electronic keys for access to important information, are becoming increasingly popular in Russia. The token is not only useful for authentication in operating system computer, or a handheld device for saving and presenting personal information: encryption keys, certificates, licenses, verification. The tokens are reliable for the standard pair “login/password” for the mechanism of two-factor identification: so that the buyer is not only responsible for the presence of the information (the token itself), but also the PIN code.

There are three main form factors in which tokens are issued: USB token, smart card and key fob. Security for an additional PIN code is most often found in USB tokens, although other models of USB tokens are issued with the possibility of installing an RFID tag and a rare crystal display for generating one-time passwords.

We are preparing a report on the principles of functioning of tokens with a PIN code. PIN code is a special password that splits the authentication procedure into two stages: connecting a token to the computer and entering a PIN code.

The greatest popular models tokens on the current electronic market of Russia - Rutoken, eToken from the Aladdin company, and an electronic key from the Aktiv company. Let's take a look at the most common uses of PIN codes for tokens on the token application of these distributors.

1. Which PIN code is used by the vicorist?

The table below provides information about the PIN codes used for Rutoken and eToken tokens. The standard password is being changed for different levels of rulers.

Vlasnik Koristuvac Administrator
Rutoken 12345678 87654321
eToken
1234567890 The standard administrator password is not set. You can only install via the caravan panel for eToken PRO, eToken NG-FLASH, eToken NG-OTP models.
JaCarta PKI 11111111 00000000
JaCarta GOST No assignments 1234567890
JaCarta PKI/GOST For PKI functionality: 11111111

If you use JaCarta PKI with the option "Return money" - PIN code - 1234567890

For GOST functionality: PIN is not set

 		For PKI functionality: 00000000

When using JaCarta PKI with the option "Return money" - the PIN code is not installed

For GOST functionality: 1234567890
JaCarta PKI/GOST/SE For PKI functionality: 11111111

For GOST functionality: 0987654321

 		For PKI functionality: 00000000

For GOST functionality: 1234567890
JaCarta PKI/BIO 11111111 00000000
JaCarta PKI/Flash 11111111 00000000
ESMART Token 12345678 12345678
IDPrime card 0000 48 zeros
JaCarta PRO/JaCarta LT 1234567890 1234567890

2. Do I need to change my PIN code before signing up? If so, then if the robots have a token?

3. What to do if the PIN codes on the token are invisible, and the PIN code has already been deleted?

Single output – completely clear (format) the token.

4. What's wrong, is the PIN code of the koristuvach blocked?

You can unblock the Koristuvach PIN code using the additional token panel. Why do you need to know the administrator PIN code?

5. What should you do if the administrator PIN code is blocked?

It is impossible to unblock the administrator PIN code. Single output – completely clear (format) the token.

6. What security measures have been implemented by password providers to reduce the risk of password guessing?

The main points of the security policy for PIN codes of USB tokens of the Aladdin and Active companies are presented in the table below. Having analyzed the data in the table, you can come to a reliable conclusion that eToken is significantly more likely to be more likely to be stolen than your PIN code. Rutoken, although it allows you to set a password for anything from one character, is not secure, other parameters are not supplied to the product of the Aladdin company.

Parameter eToken Rutoken
Minimum payment for PIN code 4 1

Warehouse PIN

 Letters, numbers, special characters Numbers, letters of the Latin alphabet
More or more expensive 7 Up to 16

PIN code security administration

 Є Є
Є Є

The importance of keeping your PIN code secret is clear to everyone who uses Vicorist tokens for special purposes to save their electronic signature, trusts electronic key information of a special nature, and details of your business projects. Tokens of the companies "Aladdin" and "Aktiv" may be previously installed and at the same time, with frequent precautions, which will be revealed by the user, reduce the risk of password guessing to a minimum.

Software products Rutoken and eToken are presented in different configurations and form factors. The range of proposals allows you to choose the token model that best suits your needs, be it

Application © 2022 Mobile and computer gadgets