After playing with the fingerprint scanner for a while I’ve found it’s OK for keeping track of web site logins, but it’s no good for REAL network security – controlling who can log into the domain, and maintaining complex password (read PASSPHRASE) policies with 2-factor authentication.
So I’m looking at a few devices – tokens from RSA, Secure Computing and the like. I want something that can be used on the network, for VPN access, OWA and terminal services login.
Suggestions, experiences, ones to keep away from? Any feedback is good at this point.