nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Dear Linkedin,

From: Mike Hale <eyeronic.design () gmail com>
Date: Fri, 8 Jun 2012 22:17:31 -0700
Are the bad guys winning though?

Are they really?
On Jun 8, 2012 9:43 PM, "Hal Murray" <hmurray () megapathdsl net> wrote:




Does your bank request/require that you change the PIN
on your ATM card every few months?



ATM cards are not passwords, they are a coarse form of two-factor
authentication - You have the card, you have the PIN.



You have to possess both in order to transact - at least in in theory.



Compare that with the secrecy surrounding the CVV - the "last three

digits

on the number on the back of the card" which you are "not meant to tell
anyone" and which _will_ be different if your card is lost/stolen and
reissued.


If I'm not supposed to not "tell anyone", why is it even printed where I
can
read it?

----

[Context is only having so-many brain cycles to memorize passwords.]


It's harder as we get old.  Use technology to aid with the heavy

lifting.  :-)

Right.  But the meta problem is figuring out which technology to trust.

Phishing is the tip of the iceberg on social engineering.  So far, the bad
guys are winning.





--
These are my opinions.  I hate spam.
Previous By Date Next
Previous By Thread Next

Current thread: