[WEB SECURITY] Jakob Nielsen's Stop Password Masking
John Steer
jtsteer at hotmail.com
Sat Jul 11 20:09:41 EDT 2009
Two factor authentication.
What I have - Smart Card / FOB
What I know - PIN
Even if there is shoulder surfing or keystoke logging, unless they have physical possession of the smart card they cannot break in
> From: security at reliableanswers.com
> To: bil at corry.biz; michael at winterstorm.ca
> CC: websecurity at webappsec.org
> Date: Sat, 11 Jul 2009 15:43:20 -0700
> Subject: RE: [WEB SECURITY] Jakob Nielsen's Stop Password Masking
>
> > > Rather than calling for the abandonment of masking, Nielsen
> > > (whose has earned the respect that his voice carries) should
> > > be calling for alternate input methods that are resilient in
> > > the face of surveillence and afford higher usability.
> >
> > Anyone know more about this technology?
>
> Biometrics are a good example (fingerprint scanners and so forth).
>
>
>
> ----------------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
>
> Subscribe via RSS:
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20090711/8df46561/attachment.html>
More information about the websecurity
mailing list