Security Basics mailing list archives
RE: How to authentificate an user via telephon?
From: "Gary Turovsky" <GTurovsky () tpgstaffing com>
Date: Fri, 6 Dec 2002 11:30:29 -0600
I have to say that I think thats a very insecure authentication method. Our company deals heavily with finding people, and getting information about them, and I can say from experience here that getting someone's SSN and birthdate is a trivial task. You'd be much better off with another system such as the three authenticating questions someone propsed earlier. I also recommend PasswordSafe from www.counterpane.com its a free product that allows you to manage multiple passwords in a secure 448bit blowfish encrypted storage. (that should help your users from forgetting their passwords all the time)
Except when they forget the passphrase for their encrypted passwords :)
Current thread:
- RE: How to authentificate an user via telephon?, (continued)
- RE: How to authentificate an user via telephon? Valter Santos (Dec 05)
- RE: How to authentificate an user via telephon? Brian Cook (Dec 05)
- RE: How to authentificate an user via telephon? Schuler, Jeff (Dec 05)
- RE: How to authentificate an user via telephon? McLaughlin, Bryan (Dec 05)
- AW: How to authentificate an user via telephon? Robert Sieber (Dec 05)
- RE: How to authentificate an user via telephon? Darryl W. Malcolm (Dec 05)
- RE: How to authentificate an user via telephon? Art Tarsha (Dec 05)
- Re: How to authentificate an user via telephon? Chris Berry (Dec 06)
- Re: RE: How to authentificate an user via telephon? Robert Sieber (Dec 06)
- RE: How to authentificate an user via telephon? mario . walter (Dec 06)
- RE: How to authentificate an user via telephon? Gary Turovsky (Dec 06)
- RE: How to authentificate an user via telephon? Mark Medici (Dec 06)
- RE: How to authentificate an user via telephon? Chris Berry (Dec 06)