--- Marc Branchaud [EMAIL PROTECTED] wrote:
Any thoughts on this device? At first glance, it
doesn't seem
particularly impressive...
http://www.quizid.com/
Surely I'm not the only one that gets the allusion of
the photo on the home page of the pensive Bond-looking
fellow with colored
Marc Branchaud wrote:
Any thoughts on this device? At first glance, it doesn't seem
particularly impressive...
http://www.quizid.com/
Looks like hardware S/Key, doesn't it?
If I could fool the user into entering a quizcode, then it seems like I
could get the device and the admin database
, then it seems like
I could get the device and the admin database out of sync and lock the
user out of the system.
[Note: I have an interest, since QuizID use nCipher hardware]
Their device has a neat way of synchronizing the sequence number to the
server which both avoids the clock drift
of two-factor authentication:
The user then enters their user name (something they know) and the
8-digit Quizid passcode (something they have) into the login screen
of their application.
BBC NEWS | Technology | Handy future for online security
http://news.bbc.co.uk/1/hi/technology
are issued with a card and a personal code, based on a set of
colour keys on the card. Each time they wish to conduct a secure
transaction, they punch in the colour code and a random number is
generated.
The card works in conjunction with the Quizid vault - a large
collection of computers that can
Branchaud, Marc writes:
Any thoughts on this device? At first glance, it doesn't seem
particularly impressive...
http://www.quizid.com/
Lovely idea of two-factor authentication:
The user then enters their user name (something they know) and the
8-digit Quizid passcode
Any thoughts on this device? At first glance, it doesn't seem
particularly impressive...
http://www.quizid.com/
Lovely idea of two-factor authentication:
The user then enters their user name (something they know) and the
8-digit Quizid passcode (something they have) into the login screen
On Thursday 17 Oct 2002 3:15 pm, Adam Shostack wrote:
http://news.bbc.co.uk/2/hi/technology/2334491.stm
and www.quizid.com
[snip]
The card works in conjunction with the Quizid vault - a large
collection of computers that can process 600 authentications per
second. The system cost millions
On Thu, Oct 17, 2002 at 02:39:55PM -0400, Rich Salz wrote:
| Marc Branchaud wrote:
| Any thoughts on this device? At first glance, it doesn't seem
| particularly impressive...
|
| http://www.quizid.com/
|
| Looks like hardware S/Key, doesn't it?
|
| If I could fool the user into entering a