WebApp Sec mailing list archives
Re: 2-factor auth for all
From: "Saqib Ali" <docbook.xml () gmail com>
Date: Tue, 24 Oct 2006 07:51:44 -0700
2. Without mutual authentication, phishing attacks will still occur.
Excellent point! I totally agree with this. In fact I covered this topic in my blog in September with reference to a study done by a TPM manufacturer. See: http://www.xml-dev.com/blog/index.php?action=viewtopic&id=243 -- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net ------------------------------------------------------------------------- Sponsored by: WatchfireHackers continue to add billions to the cost of doing business online despite security executives' efforts to prevent malicious attacks. This whitepaper identifies the most common methods of attacks that we have seen, and outlines a guideline for developing secure web applications. Download our The Twelve Most Common Application-level Hack Attacks whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008YTi --------------------------------------------------------------------------
Current thread:
- 2-factor auth for all Saqib Ali (Oct 23)
- RE: 2-factor auth for all Benjamin Tomhave (Oct 27)
- Re: 2-factor auth for all David Kierznowski (Oct 27)
- Re: 2-factor auth for all Saqib Ali (Oct 27)
- RE: 2-factor auth for all Nick Owen (Oct 27)
- Re: 2-factor auth for all Saqib Ali (Oct 27)
- Re: 2-factor auth for all Nick Owen (Oct 27)
- Re: 2-factor auth for all Saqib Ali (Oct 27)