Re: Evaluating Two Factor Authentication

[Jeffrey Singleton <jeff () hackdefendr com>]

I'm not sure if this will help...but should offer some additional
information on the research side of two-factor authentication.  I am
evaluating WiKiD Systems Two-Factor Authentication...they have a
community version you can try out as well as a client for every
platform available.  http://www.wikidsystems.com/

--
J

On Fri, Oct 1, 2010 at 6:44 PM, M.D.Mufambisi <mufambisi () gmail com> wrote:
> i realise i did not ask my question properly. Im sorry. What i need is
> a primer on the two factor authentication inherent risks or the two
> factor authentication threat model to the service, processes (user
> registration, token issuance etc) and infrastructure (HSM etc). Assume
> the two factor is implemented on online banking.
>
> On 10/1/10, TAS <p0wnsauc3 () gmail com> wrote:
> > If you want to understand the concepts then Wikipedia should be a good start
> >
> > TAS
> >
> > On 1 October 2010 06:19, M.D.Mufambisi <mufambisi () gmail com> wrote:
> > > Hi,
> > >
> > > I will be evaluating 2 factor authentication scheme in the next coming
> > > days.
> > > Is there anyone who can point me to some good resources on this?
> > > Whitepapers..documents...anything?
> > >
> > > Regards
> > >
> > > ------------------------------------------------------------------------
> > > Securing Apache Web Server with thawte Digital Certificate
> > > In this guide we examine the importance of Apache-SSL and who needs an SSL
> > > certificate.  We look at how SSL works, how it benefits your company and
> > > how your customers can tell if a site is secure. You will find out how to
> > > test, purchase, install and use a thawte Digital Certificate on your
> > > Apache web server. Throughout, best practices for set-up are highlighted
> > > to help you ensure efficient ongoing management of your encryption keys
> > > and digital certificates.
> > >
> > > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> > > ------------------------------------------------------------------------
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------