Re: [fw-wiz] Username password VS hardware token plus PIN
From: Anthony de Boer (adb-fww_at_leftmind.net)
To: email@example.com Date: Wed, 2 Mar 2005 00:15:53 -0500
John Hall wrote:
> In my experience every senior manager has either a PDA, pager, cellphone,
> or Blackberry already. We just need to make a secure token a required
> component for all of those devices. The first company that gets their
> token into any two of the above devices in wide distribution is going
> to be rich.
Doing your secure token on a communications device opens up some serious
issues; anyone who can crack you over the wireless network, or persuade
your wireless provider to simply give admin access to your device, has
you cold, with the token algorithm, configured keys and state in the
device, and your passphrase captured next time you enter it.
-- Anthony de Boer _______________________________________________ firewall-wizards mailing list firstname.lastname@example.org http://honor.icsalabs.com/mailman/listinfo/firewall-wizards