has any ever tested a https portal?

["Richard Braganza" <iwtb0202 () googlemail com>]

Hi mismail, list,
mismail wrote


> the pin is one time unique! has anyone ever come across a setup like this?

Check out PINSafe by Swivel Secure (2 factor - unique PIN sent by email or
sms)
I found it during some app testing
It looked very good apart from the way it was implemented:Badly, it allowed
DoS any logged in user, by logging them off. The product was not to blame
IMHO - only how it was integrated to the web site
Best Regards
RARB

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/