Re: Biometrics (was Re: [fw-wiz] Username password VS hardware token plus PIN)

From: Kevin (kkadow_at_gmail.com)
Date: 04/15/05

  • Next message: ArkanoiD: "Re: Biometrics (was Re: [fw-wiz] Username password VS hardware token plus PIN)"
    To: firewall-wizards@honor.icsalabs.com
    Date: Fri, 15 Apr 2005 03:41:32 -0500
    
    

    On 4/14/05, Marcus J. Ranum <mjr@ranum.com> wrote:
    > Paul D. Robertson wrote:
    > >I don't think a wrist is that much more trouble than a finger to a
    > >machette
    >
    > I know you're just being funny, but this all misses an important
    > point: against an opponent that is willing to physically attack,
    > threaten, or torture you ALL authentication systems
    > are worthless. Especially if you assume a level of indirection
    > can be added (I.e.: "log me into the system or your child dies.")

    There are relatively simple safeguards that can be added on to
    most systems to address this. For example, many ATM systems
    (and also the SecurID hardware token product) support what are
    called "duress PINs". Basically, enter your PIN backwards, and
    the system still grants you access, but also sets off a silent alarm.

    This of course lends itself to "Get Smart" style mind games -- If
    your PIN is 1234 (the kind of combination an Idiot would have on
    his luggage), do you tell the attacker your PIN is 4321, but then
    he guesses you gave him the duress PIN, so maybe you give him
    your real PIN and he reverses it himself (and so on).

    Kevin Kadow

    --
    Unofficial SecurID User's group:
    http://groups.yahoo.com/group/securid-users/
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: ArkanoiD: "Re: Biometrics (was Re: [fw-wiz] Username password VS hardware token plus PIN)"

    Relevant Pages

    • Re: Flash in 72 pin simm package?
      ... put finger to keyboard and composed: ... 72 pin. ... standard board, but I've looked around without finding them anywhere. ...
      (sci.electronics.components)
    • Re: EM guys, need a little ball bowler help
      ... It was the very last switch on the #8 pin relay. ... then you may want to check the finger allignment. ...
      (rec.games.pinball)
    • Re: How to design an infra-red circuit to detect small obstacle (e.g. finger) ?
      ... > or pass his finger thru the narrow beam quickly it should detect that. ... A synchronous demodulator, multiplying the signal on ... pin 3 to produce filtered baseband on pin 1. ...
      (sci.electronics.design)
    • Re: Frustration....
      ... If you do not have a pin close tool as suggested I discovered that the pick ... I'd finally made the backing for my feathered star WIP (and I can't ... I now have a lovely callus on my finger from inserting and then removing ... AKA Dame Sandy, Minister of Education ...
      (rec.crafts.textiles.quilting)