WebApp Sec mailing list archives
Re: Question concerning Access Card
From: Peter Conrad <conrad () tivano de>
Date: Thu, 29 Apr 2004 17:26:45 +0200
Hi, On Tue, Apr 27, 2004 at 07:01:16PM -0500, Richard Douglas García Rondon wrote:
The next link explains that method: http://szabo.best.vwh.net/secret.html the secret is the password.
I don't think so. That URL describes secret splitting which is usually used to distribute a single key among several people. It would be pointless to split a secret among *one* person.
Quoting Peter Conrad <conrad () tivano de>:I don't know if that's the case here, but it looks like a simple way to make the handling of a very long PIN easier. E. g. I have an online bank account where I get asked for a random selection of digits from a longer PIN (e. g. "Please enter digits 3, 7 and 9 from your PIN"). I suppose in the above case you'd be asked "Please enter PIN b3", which is basically the same mechanism.
Bye, Peter -- Peter Conrad Tel: +49 6102 / 80 99 072 [ t]ivano Software GmbH Fax: +49 6102 / 80 99 071 Bahnhofstr. 18 http://www.tivano.de/ 63263 Neu-Isenburg Germany
Current thread:
- Question concerning Access Card Adrian Wiesmann (Apr 22)
- Re: Question concerning Access Card Peter Conrad (Apr 23)
- RE: Question concerning Access Card Lluis Mora (Apr 23)
- Re: Question concerning Access Card Richard Douglas García Rondon (Apr 28)
- Re: Question concerning Access Card Peter Conrad (Apr 30)
- Re: Question concerning Access Card Peter Conrad (Apr 23)