Firewall Wizards mailing list archives
Re: Username password VS hardware token plus PIN
From: Dragos Ruiu <dr () kyx net>
Date: Wed, 23 Feb 2005 16:17:01 -0800
On February 22, 2005 09:56 am, Marcus J. Ranum wrote:
#include <sys/rant/ranum/2978378.h>
Response to Standard Ranum rant: The problem with the old PDA idea is user reluctance. Sure it gets over the cost issue, but convincing some technophobe senior manager to carry around a small commercial token is hard enough. Making him/her lug around an old electronic brick, associated case and chargers, will be even more of an uphill task. And I would bet that pointing out that it can play tetris will do little to sell it further in those cases. :-) (Note I don't disagree with 2 factor token based identification, quite the opposite actually, I recommend it to all my consulting customers as a preferred security/auth architecture. Just wanted to point out a potential problem with your old PDA price defense of it.) cheers, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques Vancouver, Canada May 4-6 2005 http://cansecwest.com pgpkey http://dragos.com/ kyxpgp _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Username password VS hardware token plus PIN, (continued)
- Re: Username password VS hardware token plus PIN Frank Knobbe (Feb 22)
- Re: Username password VS hardware token plus PIN ArkanoiD (Feb 22)
- Re: Username password VS hardware token plus PIN Frank Knobbe (Feb 22)
- Re: Username password VS hardware token plus PIN Dragos Ruiu (Feb 23)
- Re: Username password VS hardware token plus PIN ArkanoiD (Feb 24)
- Re: Username password VS hardware token plus PIN ArkanoiD (Feb 23)
- Re: Username password VS hardware token plus PIN Frank Knobbe (Feb 23)
- Re: Username password VS hardware token plus PIN ArkanoiD (Feb 22)
- Re: Username password VS hardware token plus PIN Adam Shostack (Feb 22)
- SSL cert expiration hermit921 (Feb 23)
- Re: Username password VS hardware token plus PIN Dragos Ruiu (Feb 23)
- Re: Username password VS hardware token plus PIN Marcus J. Ranum (Feb 23)
- Re: Username password VS hardware token plus PIN Dragos Ruiu (Feb 24)
- Re: Username password VS hardware token plus PIN ArkanoiD (Feb 24)
- Re: Username password VS hardware token plus PIN ArkanoiD (Feb 24)
- Re: Username password VS hardware token plus PIN John Hall (Feb 24)
- Re: Username password VS hardware token plus PIN David Lang (Feb 24)
- Re: Username password VS hardware token plus PIN Kevin (Feb 22)
- Re: Username password VS hardware token plus PIN Andras Kis-Szabo (Feb 23)
- Re: Username password VS hardware token plus PIN Kevin Sheldrake (Feb 23)
- Re: Username password VS hardware token plus PIN Paul D. Robertson (Feb 24)