Re: Sign On Authentication

From: Ari Silversteinn (abcarisilverstein_at_yahoo.comxyz)
Date: 08/16/05


Date: Tue, 16 Aug 2005 08:12:29 -0400

On Tue, 16 Aug 2005 02:55:43 -0400, Barry Margolin wrote:

> OK, if you don't trust the users, then I don't think there's any way to
> accomplish your goal with the stated restrictions. Complete
> identification and authentication requires three factors:
>
> 1) Who you are
> 2) What you have
> 3) What you know
>
> A token implements #2, a password implements #3, but both of these can
> be shared. To implement #1, you need to use biometrics, which requires
> special hardware. But you specifically said that you can't require
> hardware like a fingerprint reader.

Is there nothing unique that would ID the users computer then?

-- 
Drop the alphabet for email