Re: [fw-wiz] Username password VS hardware token plus PIN
From: ArkanoiD (ark_at_eltex.net)
To: Frank Knobbe <email@example.com> Date: Wed, 23 Feb 2005 01:38:23 +0300
Aren't you afraid of BT-transmitted worm with keylogger feature? ;-))
On Tue, Feb 22, 2005 at 12:15:09PM -0600, Frank Knobbe wrote:
> On Tue, 2005-02-22 at 13:05 -0500, Marcus J. Ranum wrote:
> > Frank Knobbe wrote:
> > >My "token" consists of a Java OTP calculator running on my Nokia 9500. A
> > >hardware device with OTP thingy.
> > Hey, now that's cool! It's probably a bit more expensive for a company
> > to field to all employees than an obsolete PDA would be, and it's
> > probably even more expensive than a SecurID card. For now.
> Well, I use it not only for authentication (actually, I do not use it
> for OTP authentication at all... but I could! :) I chose that model
> since it has a nice, usable keyboard, nice 80x25 screen, and I can do
> SecureShell to systems from where ever via GPRS/EDGE.
> You made the point, though. There are cheap, mobile devices (like PDAs,
> phones) that can calculate one-time responses. The only advantage
> SecureID, Vasco, CryptoCard and such have might be ease of use.
firewall-wizards mailing list