RE: How to authentificate an user via telephon?
From: Gary Turovsky (GTurovsky@tpgstaffing.com)
Date: 12/06/02
- Previous message: Gary Turovsky: "RE: Preventing DHCP from allocating IPs"
- Maybe in reply to: Robert Sieber: "How to authentificate an user via telephon?"
- Next in thread: Mark Medici: "RE: How to authentificate an user via telephon?"
- Maybe reply: Robert Sieber: "Re: RE: How to authentificate an user via telephon?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 6 Dec 2002 11:30:29 -0600 From: "Gary Turovsky" <GTurovsky@tpgstaffing.com> To: "Chris Berry" <compjma@hotmail.com>, <security-basics@securityfocus.com>
> I have to say that I think thats a very insecure
> authentication method. Our
> company deals heavily with finding people, and getting
> information about
> them, and I can say from experience here that getting
> someone's SSN and
> birthdate is a trivial task. You'd be much better off with
> another system
> such as the three authenticating questions someone propsed
> earlier. I also
> recommend PasswordSafe from www.counterpane.com its a free
> product that
> allows you to manage multiple passwords in a secure 448bit blowfish
> encrypted storage. (that should help your users from forgetting their
> passwords all the time)
Except when they forget the passphrase for their encrypted passwords :)
- Next message: Mark Medici: "RE: How to authentificate an user via telephon?"
- Previous message: Gary Turovsky: "RE: Preventing DHCP from allocating IPs"
- Maybe in reply to: Robert Sieber: "How to authentificate an user via telephon?"
- Next in thread: Mark Medici: "RE: How to authentificate an user via telephon?"
- Maybe reply: Robert Sieber: "Re: RE: How to authentificate an user via telephon?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
