|
Firewall Wizards
mailing list archives
Re: Username password VS hardware token plus PIN
From: Dragos Ruiu <dr () kyx net>
Date: Wed, 23 Feb 2005 16:17:01 -0800
On February 22, 2005 09:56 am, Marcus J. Ranum wrote:
#include <sys/rant/ranum/2978378.h>
Response to Standard Ranum rant:
The problem with the old PDA idea is user reluctance.
Sure it gets over the cost issue, but convincing some
technophobe senior manager to carry around a small
commercial token is hard enough. Making him/her lug
around an old electronic brick, associated case and
chargers, will be even more of an uphill task. And I would
bet that pointing out that it can play tetris will do little
to sell it further in those cases. :-)
(Note I don't disagree with 2 factor token based identification,
quite the opposite actually, I recommend it to all my consulting
customers as a preferred security/auth architecture. Just
wanted to point out a potential problem with your old PDA
price defense of it.)
cheers,
--dr
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada May 4-6 2005 http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
 By Date 
By Thread
Current thread:
|
Intro
