Re: Username password VS hardware token plus PIN

[Dragos Ruiu <dr () kyx net>]

On February 22, 2005 09:56 am, Marcus J. Ranum wrote:
> #include <sys/rant/ranum/2978378.h>

Response to Standard Ranum rant:

The problem with the old PDA idea is user reluctance.
Sure it gets over the cost issue, but convincing some
technophobe senior manager to carry around a small
commercial token is hard enough. Making him/her lug
around an old electronic brick, associated case and 
chargers, will be even more of an uphill task. And I would
bet that pointing out that it can play tetris will do little
to sell it further in those cases. :-)

(Note I don't disagree with 2 factor token based identification,
quite the opposite actually, I recommend it to all my consulting
customers as a preferred security/auth architecture. Just
wanted to point out a potential problem with your old PDA
price defense of it.)

cheers,
--dr

-- 
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada       May 4-6 2005  http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards