Security Basics mailing list archives
Re: How to authenticate an user via telephone?
From: Scott_Miller () progressive com
Date: Thu, 5 Dec 2002 12:58:21 -0500
We use a automated process at Progressive to reset password. Voice Vault is the company who make it. The user calls a number and then repeat a series of numbers in different order for the voice recognition. The software then changes the password and then tells the user. "Marc Cuypers" <m.cuypers@pando To: <security-basics () lists securityfocus com> ra.be> cc: Subject: Re: How to authentificate an user via telephon? 12/04/2002 12:44 PM
Hello colleauges, imaging the following situation: User calls the helpdesk to reset/alter some kind of account-password (NT, RAS, PKI-PIN ...) and you has to determin wheter the user is the correct (owner of the account) user. What would you do to authentificate the users identity? What are good methodes to do this? It should be easy for the user but secure for the administration. Robert
Helpdesk calls user back at a known telephone number (could be a mobile number). Marc
Current thread:
- Re: How to authenticate an user via telephone? Scott_Miller (Dec 05)