There is no panacea. Biometrics can have revocation issues. Cheers Ken
-----Original Message----- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Friday, 19 August 2011 11:37 PM To: NT System Admin Issues Subject: RE: Why not failwords? Yep. Biometrics-only or biometrics in conjunction with a PIN/password are really the best way to go. We *have* the technology to do this. From: James Hill [mailto:j.h...@coffeeclub.com.au] Sent: Thursday, August 18, 2011 7:03 PM To: NT System Admin Issues Subject: RE: Why not failwords? I still think passwords have to die. There are better options. From: Hilderbrand, Doug [mailto:doug.hilderbr...@craneaerospace.com] Sent: Friday, 19 August 2011 3:25 AM To: NT System Admin Issues Subject: Why not failwords? I was just reading all those emails about making hard to crack passwords (Almost but not quite OT: Passwords). I like Steve Gibson’s analysis of why long passwords are harder to brute force crack than shorter complex ones. But, I wonder… Why hasn’t anyone implemented fail words? Two or more passwords associated with your account or whatever. One you use for normal access and is as hard to crack as you can make it and still be memorable. Then another password that would be easy(er) to crack that triggers some event? Here are a few scenarios I can think of off the top of my head: [] Bank manager forced to open the vault at gunpoint. Use the failword. Opens the vault and rings the silent alarm. [] Someone tries to login to your PayPal or bank account and tries your failword. They get the usual bad password result, but you get a text message on your cell phone. [] Someone tries to unlock your iPhone. They try the failword and it gets locked until you send it a special email or text or 24 hours expire, etc. Is there some reason this is a bad idea? I can’t think of any… ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
