Firewall Wizards mailing list archives

Re: Username password VS hardware token plus PIN

From: Anthony de Boer <adb-fww () leftmind net>
Date: Wed, 2 Mar 2005 00:15:53 -0500

John Hall wrote:

In my experience every senior manager has either a PDA, pager, cellphone,
or Blackberry already.  We just need to make a secure token a required
component for all of those devices.  The first company that gets their
token into any two of the above devices in wide distribution is going
to be rich.


Doing your secure token on a communications device opens up some serious
issues; anyone who can crack you over the wireless network, or persuade
your wireless provider to simply give admin access to your device, has
you cold, with the token algorithm, configured keys and state in the
device, and your passphrase captured next time you enter it.

-- 
Anthony de Boer
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Username password VS hardware token plus PIN Marcus J. Ranum (Mar 01)
- Re: Username password VS hardware token plus PIN David Lang (Mar 01)
  - Re: Username password VS hardware token plus PIN Marcus J. Ranum (Mar 01)
- <Possible follow-ups>
- Re: Username password VS hardware token plus PIN Abe Singer (Mar 04)
- Re: Username password VS hardware token plus PIN Anthony de Boer (Mar 04)