Why couldn't Public keys replace Passwords on the Internet?
From: Dave (galt_57@hotmail.com)
Date: 01/24/03
- Next message: Mark H. Wood: "Re: Password Cracking"
- Previous message: Sam Bixby: "Disabling Windows Messenger"
- Next in thread: Karl Levinson [x y] mvp: "Re: Why couldn't Public keys replace Passwords on the Internet?"
- Reply: Karl Levinson [x y] mvp: "Re: Why couldn't Public keys replace Passwords on the Internet?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: galt_57@hotmail.com (Dave) Date: 24 Jan 2003 06:30:50 -0800
What if you just used a challenge and response system to replace
passwords? The browser could hold the users password which would
generate his private key. Websites would be allowed to challenge with
a date-time-magic-cookie-root-web-address using your public key. Your
browser would then prompt you to see if it should respond to prove
your identity.
Advantage: you would just log into your browser. Only one password to
remember. Also no passwords would be passed across the internet. The
root-address check would eliminate fake webpaages and the date-time
field would obsolete any visible data.
Dave
- Next message: Mark H. Wood: "Re: Password Cracking"
- Previous message: Sam Bixby: "Disabling Windows Messenger"
- Next in thread: Karl Levinson [x y] mvp: "Re: Why couldn't Public keys replace Passwords on the Internet?"
- Reply: Karl Levinson [x y] mvp: "Re: Why couldn't Public keys replace Passwords on the Internet?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
