Re: [fw-wiz] Username password VS hardware token plus PIN

From: Anthony de Boer (adb-fww_at_leftmind.net)
Date: 03/02/05

  • Next message: Ben Nagy: "RE: [fw-wiz] Cisco acls"
    To: firewall-wizards@honor.icsalabs.com
    Date: Wed, 2 Mar 2005 00:15:53 -0500
    
    

    John Hall wrote:
    > In my experience every senior manager has either a PDA, pager, cellphone,
    > or Blackberry already. We just need to make a secure token a required
    > component for all of those devices. The first company that gets their
    > token into any two of the above devices in wide distribution is going
    > to be rich.

    Doing your secure token on a communications device opens up some serious
    issues; anyone who can crack you over the wireless network, or persuade
    your wireless provider to simply give admin access to your device, has
    you cold, with the token algorithm, configured keys and state in the
    device, and your passphrase captured next time you enter it.

    -- 
    Anthony de Boer
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Ben Nagy: "RE: [fw-wiz] Cisco acls"