Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Worldwide authentication

From: "Chris Berry" <compjma () hotmail com>
Date: Thu, 24 Oct 2002 18:00:22 -0700
From: "Fred Williams" <A20FBW1 () wpo cso niu edu>
This may be overboard but I think there might be an additional problem:
>They don't necessarily own portable PCs.
So are they using "trusted" pc's? ie, do you know that the computer the
trusted user is using is clean (no keylogger etc)? (say that 3 times
fast ;-)
Thats the beauty of the code token, unless they can use that information in less than 15 seconds, even a keylogger doesn't help them, and if you're worried about that, you shouldn't be letting them log in from someone else's machine anyways. 

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates
"Ok, so the servers are down, the lights are out, and all I have to work with is a roll of duct tape, a ball point pen, a lighter, and a twenty year old copy of emacs. Where's the problem? " 

_________________________________________________________________
Internet access plans that fit your lifestyle -- join MSN. http://resourcecenter.msn.com/access/plans/default.asp
Previous By Date Next
Previous By Thread Next

Current thread: