Penetration Testing mailing list archives
Re: Evaluating Two Factor Authentication
From: "M.D.Mufambisi" <mufambisi () gmail com>
Date: Fri, 1 Oct 2010 15:44:11 -0700
i realise i did not ask my question properly. Im sorry. What i need is a primer on the two factor authentication inherent risks or the two factor authentication threat model to the service, processes (user registration, token issuance etc) and infrastructure (HSM etc). Assume the two factor is implemented on online banking. On 10/1/10, TAS <p0wnsauc3 () gmail com> wrote:
If you want to understand the concepts then Wikipedia should be a good start TAS On 1 October 2010 06:19, M.D.Mufambisi <mufambisi () gmail com> wrote:Hi, I will be evaluating 2 factor authentication scheme in the next coming days. Is there anyone who can point me to some good resources on this? Whitepapers..documents...anything? Regards ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Fwd: Evaluating Two Factor Authentication M.D.Mufambisi (Oct 04)
- Message not available
- Re: Evaluating Two Factor Authentication M.D.Mufambisi (Oct 04)
- Message not available
- Re: Evaluating Two Factor Authentication Jeffrey Walton (Oct 04)