WebApp Sec mailing list archives
Re: [Fwd: Re: new opensource security system product launched]
From: exon <exon () home se>
Date: Fri, 08 Oct 2004 13:16:36 +0200
arun balaji wrote:
what my system provides is better level of fraud prevention and fraud detterent.as in 99.99% of cases my system is unhackable as the complexity lies with the user and the admininstrator.why stop with user id and password. look at other levels of authentication.lets go beyond user id and password and look at other uses for this authentication method
Umm.... I fail to see how this is different than simply having the user input an arbitrary amount of passwords (which is a really dumb idea anyway). With each question you add, there's an increas in the risk that the user will write down his answers/passwords and leave them lying around. That would even lessen security, not improve it.
Possibly you should rethink this. It's not really an earthshaking idea and I can't imagine anyone using it.
bye arun balaji rohit () kritikalsolutions com wrote:I think I understood your algorithm. What I pointed out was that it is probably no better than just password protection in real world. What is the real value addition of this method of yours in a real world application? Thanks Rohit Dube - http://www.prasar.org - come join the cause of silicosis victims,help them get justice - -- http://silicosis.rediffblogs.com ---
Current thread:
- [Fwd: Re: new opensource security system product launched] arun balaji (Oct 05)
- Re: [Fwd: Re: new opensource security system product launched] rohit (Oct 06)
- Re: [Fwd: Re: new opensource security system product launched] arun balaji (Oct 07)
- Re: [Fwd: Re: new opensource security system product launched] rohit (Oct 07)
- Re: [Fwd: Re: new opensource security system product launched] arun balaji (Oct 07)
- Re: [Fwd: Re: new opensource security system product launched] exon (Oct 09)
- Re: [Fwd: Re: new opensource security system product launched] Paul Johnston (Oct 15)
- Re: [Fwd: Re: new opensource security system product launched] David Wall @ Yozons, Inc. (Oct 09)
- Re: [Fwd: Re: new opensource security system product launched] Matt Fisher (Oct 09)
- Re: [Fwd: Re: new opensource security system product launched] arun balaji (Oct 07)
- Re: [Fwd: Re: new opensource security system product launched] rohit (Oct 06)
- <Possible follow-ups>
- Re: [Fwd: Re: new opensource security system product launched] Simon (Oct 12)
- RE: [Fwd: Re: new opensource security system product launched] Michael Silk (Oct 12)
- RE: [Fwd: Re: new opensource security system product launched] Michael Shirk (Oct 14)