Hi,
There is a simple way to make the e-gold account much safer. One could allow users to respond to the turing number in different ways, as an optional extra security. For example if the turing number is 534712 , my response could be 217435 (reverse order), or perhaps 712534, or 465287,.. There are really many possibilities to alter the turing number in a formulaic way, known by the user (easy to remember) and also known by the e-gold server as a special setting in the account setup. This way the e-gold server can quickly check if the user responds to the turing number in the right way. This makes it much more difficult to crack an account because even if you know somebody's passphrase and have found a way to scan the turing number (as someone has demonstrated), you still don't know what is the right way to respond to the turing number. Some examples of easy to remember possibilties: turing number: abcdef 123456 reverse: fedcba 654321 shift 3 numbers: defabc 456123 fixed change of 3rd digit: ab4def 124456 summation: a+b+c+d+e+f 21 summation + fixed number: a+b+c+d+e+f + 500 521 .... Once this becomes possible, I would like to have the option to have an automatic email message sent to me whenever sombody tries to log into my account , with the correct password but wrong response to the turing number. This would mean that somebody has found my passphrase and is trying to crack the turing code. It alerts me to change the passphrase. What do you think? Danny http://two-cents-worth.com/?102468&EG --- You are currently subscribed to e-gold-list as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
