Re: [fw-wiz] Username password VS hardware token plus PIN

From: Dragos Ruiu (dr_at_kyx.net)
Date: 02/24/05

  • Next message: Marcus J. Ranum: "Re: [fw-wiz] Username password VS hardware token plus PIN" 
    To: "Marcus J. Ranum" <mjr@ranum.com>, Frank Knobbe <frank@knobbe.us>
Date: Wed, 23 Feb 2005 16:17:01 -0800

    On February 22, 2005 09:56 am, Marcus J. Ranum wrote:
    > #include <sys/rant/ranum/2978378.h>

    Response to Standard Ranum rant:

    The problem with the old PDA idea is user reluctance.
    Sure it gets over the cost issue, but convincing some
    technophobe senior manager to carry around a small
    commercial token is hard enough. Making him/her lug
    around an old electronic brick, associated case and
    chargers, will be even more of an uphill task. And I would
    bet that pointing out that it can play tetris will do little
    to sell it further in those cases. :-)

    (Note I don't disagree with 2 factor token based identification,
    quite the opposite actually, I recommend it to all my consulting
    customers as a preferred security/auth architecture. Just
    wanted to point out a potential problem with your old PDA
    price defense of it.)

    cheers,
    --dr 

    -- 
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada	May 4-6 2005  http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
  • Next message: Marcus J. Ranum: "Re: [fw-wiz] Username password VS hardware token plus PIN"