Floating in the Two-Factor Authenticator Tsunami?

gmerideth asks: "Working as a security consultant, I have access to a multitude of clients' networks through physical and VPN connections. Recently, due to the on-going issues of data theft, our clients have started implementing two-factor authentication using different providers. The result is a keychain that I carry around with our company key, clients keys, and a key for online access to my local area bank. I am slowly drowning in a sea of two-factor authenticators with sticky tape on the back of them, so that I can remember which key belongs to whom. What alternatives are there? Are there open projects or private products that provide a remote, secure, trusted authentication service that can provide for network/VPN authentication for Windows and Linux, using a single key among separate, private networks? If not, will step up to the plate and make it, or at least point me to a site that sells big keychains?"

RSA and Blackberry

[sam1am]

RSA does offer the RSA SecurID Token for BlackBerry Handhelds - multiple tokens from one device may be possible..

Federated Authorization

[forsetti]

Oddly enough, I'm at a Identity Management conference in Tempe AZ right now. Although in practice, getting all of your service providers (customers, bank, etc) into a single federation is probabably near impossible, getting them into a smaller number of bridged federations may happen through business needs and market pressure within the next few years. Check out technologies like Shibboleth (http://shibboleth.internet2.edu/) or Liberty Alliance.