WebApp Sec: Re: Article - A solution to phishing

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

WebApp Sec mailing list archives

Re: Article - A solution to phishing

From: Saqib.N.Ali () seagate com
Date: Sun, 28 Nov 2004 08:07:17 -0800

My online bank uses a system of picking random numbers from
my password, and asking me to match those numbers with a
drop down box, instead of just typing in the exact password
in the same format at each login.


This "might" prevent against brute force attacks. However if somebody 
already has your password, this login process won't deter him/her from 
accessing your banc account. An easier way to prevent against brute-force 
attacks is to use CAPTCHA ( http://en.wikipedia.org/wiki/Captcha ).

-- 
In Peace,
Saqib Ali
http://tools.tldp.org/search.php <--- Search for Linux HOWTOs

By Date By Thread

Current thread:

RE: Article - A solution to phishing, (continued)
- Re: Article - A solution to phishing focus (Nov 27)
  - RE: Article - A solution to phishing Mark Curphey (Nov 29)
    - RE: Article - A solution to phishing focus (Nov 29)
  - Re: Article - A solution to phishing Tran Viet Phuong (Nov 29)
  - Re: Article - A solution to phishing Saqib . N . Ali (Nov 29)
    - Re: Article - A solution to phishing Mark Burnett (Nov 29)
    - RE: Article - A solution to phishing WebAppSecurity [Technicalinfo.net] (Nov 29)
- Re: Article - A solution to phishing Michael Silk (Nov 29)
  - RE: Article - A solution to phishing WebAppSecurity [Technicalinfo.net] (Nov 29)
- RE: Article - A solution to phishing Michael Silk (Nov 29)