Menu
▾
▴
Re: [Devil-Linux-discuss] hard tokens
|
From: Fred F. <ffr...@lo...> - 2008-10-24 13:54:14
|
There are two things. The USB key is part of a two factor login. Something you know (username and password) and something you have (the usb key). You could duplicate the key but you need physical access, and you can in theory guess the value of that key but that can be as long as you want. Username and passwords we all know how fragile they are. The only other factor one can add is something you are (fingerprint for example). Another version of something you have which makes it harder to duplicate is a single key generator. If you somehow intercept the key on one login (Tempest? Key Logger?) it will not help you on the next loggin. You need to have access to the key generator. There are weaknesses but still stronger than password protected keychain for SSH for example. There are variations and some weaken the system to avoid data loss through loosing the key. Fred Frigerio Locust USA This electronic message transmission contains information from Locust USA which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic transmission in error, please notify us by telephone (305-889-5410) or by reply via electronic mail immediately. -----Original Message----- From: Bruce Smith [mailto:bw...@re...] Sent: Friday, October 24, 2008 7:33 AM To: dev...@li... Subject: Re: [Devil-Linux-discuss] hard tokens I admit that I've never researched this subject, but ... Can't software tokens and USB keys easily be copied? Doesn't that defeat the purpose? What's the difference between a USB/software key and just putting your private key on a USB stick? - BS > I found some infos, in case someone else is interested too. > It's all free and seems to work with software tokens, so a hardware > token should hopefully work too. > > http://www.oiepoie.nl/2008/05/02/free-strong-two-factor-authentication > -using-one-time-passwords-on-your-mobile-phone/ > http://www.tri-dsystems.com/documentation/quickstart.html > http://fbq.hamal.nl/index.php/archives/8#more-8 > > -- > > Regards > Heiko Zuerker > http://www.devil-linux.org ------------------------------------------------------------------------ - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Devil-linux-discuss mailing list Dev...@li... https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss |
