WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Entrust - Identity Guard - Any experience?

From: Saqib Ali <docbook.xml () gmail com>
Date: Sun, 21 Aug 2005 07:48:47 -0700
Two-factor means, to many of us, that there is something in addition to
something-you-know. A hardware token, a printed OTP list, biometric, or a
secured terminal with unique identifying keys/tools.


The problem with a Printed List of OTPs and Entrust Identity Guard is
that they give false sense of security in case they are stolen and
duplicated. Someone can easily duplicate these without the knowledge
of the owner. And the owner still thinks that he/she is the sole owner
of Entrust Identity Guard. Whereas a hardware token (e.g. RSA
SecureID) is a lot harder to duplicate. It might be easy to steal a
hardware token, but NOT without the knowledge of the owner. Once the
owner find out that the hardware token is stolen, he/she can get it
de-activated.

-- 
In Peace,
Saqib Ali
http://www.xml-dev.com/blog/
Consensus is good, but informed dictatorship is better.
Previous By Date Next
Previous By Thread Next

Current thread: