DigitalPersona - More Than Biometrics
August 03, 2018
DigitalPersona - More Than Biometrics
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with DigitalPersona
DigitalPersona is used primarily by our Nursing department and Corporate users. DigitalPersona is addressing security by leveraging biometric authentication and solves the nurses need to remember multiple passwords by acting as a SSO solution.
- Biometric authentication - DigitalPersona biometric readers are very accurate while maintaining low false-positive authentications.
- Single Sign On - When configured with templates, DigitalPersona can be set up to automatically authenticate on any website or application, creating a seamless login to these systems. It is typically quick and responsive.
- Self Service password management - The DigitalPersona client modifies the windows login screen allowing password reset using security questions before actually logging in to windows. This is important as many solutions require going to a website that the user may not be able to access without first being logged in to windows.
- Multiple domains - DigitalPersona struggles with multiple domains. Since the solution is licensed per domain, migrating users between domains can be troublesome to keep licensed. Additionally, migrating to a new domain removes the AD leaf objects that store all digital persona information, essentially wiping out and credentials or other stored information.
- Password change - DigitalPersona can be confusing to update when a stored password for a website is updated. The password is entered, and then the user is redirected to the websites password change page. Users must then authenticate with a Digital persona credential again before being prompted by Digital Persona to update the password. If the user is allowed to change the password manually through the websites page, this will lead to what is stored in Digital Persona being out of sync with the new password, and eventually account lockouts.
- Terminal Server - DigitalPersona has performance issues when utilized on a high-traffic terminal server. Often it causes big CPU spikes as well as hanging sessions upon disconnect.
As a result of the breadth of use case scenarios, we often look to see if DigitalPersona can be utilized in place of any new software we may be trialing. We started using DigitalPersona simply as biometric login to simply and secure the process for our nurses. When considering an SSO platform, we found that DigitalPersona was able to fill the need. When we researched MFA solutions, again, we found that DigitalPersona would meet our needs. Continually leveraging DigitalPersona features has driven more and more value out of our initial investment years ago.
When managing user credentials, it has been very beneficial for support staff to have DigitalPersona live in the same location that they were already accessing to manage windows passwords. Additionally, since DigitalPersona is embedded in Active Directory, removal of credentials for disabled accounts was simple to implement with our automation tools.
Windows, OWA, Cerner, UltiPro, Carbon Black
- We have seen a reduction in password reset requests to support staff.