mailing list archives
Re: [Full-Disclosure] Clear text password exposure in Datakey's tokens and smartcards
From: Seth Breidbart <sethb () panix com>
Date: Thu, 5 Aug 2004 23:51:07 -0400 (EDT)
"Kevin Sheldrake" <kev () electriccat co uk> wrote:
Ignoring the initial expense for a moment, wouldn't it have made a
lot of sense to include the keypad actually on the cards?
Obviously, card readers would need to be contructed such that the
keypad part of the card would be exposed during use.
No, they wouldn't. The card could remember the key typed on it for,
say, 60 seconds.