> > 1) A customer login number - not the same as my account number
> > 2) A permanent password
> > 3) A password requested at random from a list of 25 on a card.
>
> How does this protect you from the keyboard sniffer attack? You have to
> type in your customer login number & permanent password every time and all
> 25 passwords will be eventually gathered.
You are absolutely right but it still makes the hacker gather 26 passwords
instead of 1. And assuming you log in maybe once a day, it will take them
nearly a month of continuous monitoring...
An even higher security option is using code tables or a Digipass device
that creates unique passwords each time, but that might be overkill.
BTW a simple way of foiling keyboard sniffers is to keep your pw in a text
file, then you open it and copy and paste using a mouse so you never type it
at all.
> The more important lesson here is to not open every single attachment sent
> to you and to be sure that you are ONLY entering your passphrase at the
> https://www.e-gold.com site; NOT the http://www.e-qold.com site. Also make
> sure you have a secure, hard to guess passphrase.
Excellent advice for sure, but trojans can still be installed without the
user having to open an attachment.
offshoresurfer
---
You are currently subscribed to e-gold-list as: archive@jab.org
To unsubscribe send a blank email to [EMAIL PROTECTED]
