September 26, 2016

In brief: RSA launches new system which splits credentials over two servers

(LiveHacking.Com) – RSA has launched a new distribution system which splits credentials over two servers. The idea being that if one server is hacked the attackers only gains access to half of the stored information (password etc). The system called “RSA Distributed Credential Protection” scrambles, randomizes and splits passwords into multiple locations.

As part of the system, administrators can re-randomize and re-split log-in data if a breach is suspected. This means that unless the hackers manage to break into both servers before the re-hashing, the stolen data would be useless.

“DCP scrambles, randomizes and splits sensitive credentials, passwords and Pins and the answers to life or challenge questions into two locations,” said the RSA’s mananger Liz Robinson.

The product however isn’t open source but is rather a commercial offering. RSA expect that DCP will be ready before the end of the year. It will cost about $150,000 per licence which RSA says is less than the cost of “an expensive lawsuit.”