Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

firewall-wizards logo Firewall Wizards mailing list archives

Re: Username password VS hardware token plus PIN
From: ArkanoiD <ark () eltex net>
Date: Wed, 23 Feb 2005 01:38:23 +0300
nuqneH,

Aren't you afraid of BT-transmitted worm with keylogger feature? ;-))

On Tue, Feb 22, 2005 at 12:15:09PM -0600, Frank Knobbe wrote:

On Tue, 2005-02-22 at 13:05 -0500, Marcus J. Ranum wrote:

Frank Knobbe wrote:

My "token" consists of a Java OTP calculator running on my Nokia 9500. A
hardware device with OTP thingy. 


Hey, now that's cool! It's probably a bit more expensive for a company
to field to all employees than an obsolete PDA would be, and it's
probably even more expensive than a SecurID card. For now.



Well, I use it not only for authentication (actually, I do not use it
for OTP authentication at all... but I could! :)  I chose that model
since it has a nice, usable keyboard, nice 80x25 screen, and I can do
SecureShell to systems from where ever via GPRS/EDGE.

You made the point, though. There are cheap, mobile devices (like PDAs,
phones) that can calculate one-time responses. The only advantage
SecureID, Vasco, CryptoCard and such have might be ease of use. 

Cheers,
Frank



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]