nanog mailing list archives
Re: Phishing (Was Re: WashingtonPost computer security stories)
From: Joel Jaeggli <joelja () darkwing uoregon edu>
Date: Tue, 17 Aug 2004 08:28:01 -0700 (PDT)
On Tue, 17 Aug 2004 Michael.Dillon () radianz com wrote:
Barclays also uses a "memorable word" in addition to the PIN code. They repeatedly tell us that no-one from Barclays will ever ask us to reveal this memorable word. It's only use is for a simple challenge-response where the website asks for two specific letters from the word and we select them from drop-down boxes to defeat keyloggers. Nice example of layered security that keeps the criminals snapping at the heels of the guy next door, i.e. CitiBank et al.
Lots of european banks issue sheets of onetime passwords.
--Michael Dillon
---------------------------------------------------------------------------- Joel Jaeggli Unix Consulting joelja () darkwing uoregon edu GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
Current thread:
- Re: WashingtonPost computer security stories, (continued)
- Re: WashingtonPost computer security stories Stephen J. Wilcox (Aug 17)
- Re: WashingtonPost computer security stories Doug White (Aug 15)
- Phishing (Was Re: WashingtonPost computer security stories) Niels Bakker (Aug 16)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Henry Linneweh (Aug 16)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Christopher L. Morrow (Aug 16)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Mark Kasten (Aug 16)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Alexei Roudnev (Aug 16)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Sean Donelan (Aug 16)
- Re: Phishing (Was Re: WashingtonPost computer security stories) David Lesher (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Michael . Dillon (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Joel Jaeggli (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Richard Cox (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Petri Helenius (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Alexei Roudnev (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Eric Kuhnke (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Tim Wilde (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Edward B. Dreger (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Petri Helenius (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Brett (Aug 18)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Christopher L. Morrow (Aug 17)