Security Basics mailing list archives
Re: Disaster Encryption
From: "Matthew Kosmoski" <mkosmo () gmail com>
Date: Wed, 25 Apr 2007 02:38:29 -0400
On 24 Apr 2007 19:17:33 -0000, jaxjunk1 () comcast net <jaxjunk1 () comcast net> wrote:
> Has anyone seen anything like this or have a better suggestion?
Just pondering this, and it seems still vulnerable if your passwords are stored like this. What if the password is unintentionally leaked? Why not use a tiered authentication strategy, such as an accompanied RSA token? Such that the password is the least of your worries, and so that the RSA dongle these privileged people have is the real verification. So when they call your DR admin, then give them the password, then the RSA token currently on their dongle. Seems like a more secure method, if you want as much security over your recovery and the data involved as I infer from your current plan.

--
Matthew J. Kosmoski <mkosmo () gmail com>