Five Annoying Steps
Sometimes, I will need to login to SAP remotely from home. Part of my job is user support, and my critical users are the plant people. They run the machines 24 hours, which mean the calls can come in at any time. To do that, I have to go through 5 annoying security steps, to connect remotely :
- The first annoying step is to key in the password at notebook boot up
- Then there’s the finger print verification
- After that, Window’s password
- VPN’s password
- and finally the SAP logon screen
Now, they have added a RSA SecureID to the VPN login. I have to key in my employee id and followed by the numbers displayed on the token everytime I need to login to the SAP server remotely. And the numbers change every minute, so forget about memorizing. Previously I only need to remember my password, now I must not loose ‘my password’.
Loose it and I can’t access to SAP.
I wonder whether Maybank will introduce something like this in order to avoid phishing, like HSBC did. Why not Maybank use this to replace the TAC? I don’t think people would mind paying a one off nominal fee for security.