Re: How to fight password sharing???
Date: 5 Nov 2003 07:35:27 -0800
"ciumpinet" <email@example.com> wrote in message news:<firstname.lastname@example.org>...
> I heard of a new software using cellphone as a password to validate the
> identity of the user!It's new and quite dramatic!!!
> I don't remember the name, there something like saints or saint in it...,
> but try a search with google (for example: cellphone+validation).
Interesting solution. Personally, I wouldn't use it as a primary or
solitary means of authentication.
It requires the subscriber to have a cellphone, which can discriminate
against those without. It also requires that the phone be uniquely
identifiable, which is relatively new technology and not available for
those using an analog service (my dual service phone can't reach a
digital repeater from my home in the deep country).
It requires the subscriber to make an outgoing call. Even though the
system says it will hang up after the first ring, many service
providers charge from SEND to END plus a few seconds. For me, that
means I must pay for a minute's usage to make one ring.
It seems to require the user to send and/or receive an SMS message
(text message). Not everyone has text messaging enabled, and many pay
a per-message fee.
There is no apparent provision for those who replace their phone.
Since the service seems to identify the phone and not the caller,
changing phones will cause problems authenticating.
But from the point of view of authenticating employees to a company
intranet, this has potential.