On 6/13/06, Josh L. Perrymon [EMAIL PROTECTED] wrote:
I'm mean-- the more hoops you have to jump through will make it harder to
attack or replicate from a phishing view.. but also making it much more
cumbersome on users.
Ironic, considering one of the main goals of these systems is to make
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo All!
I thought I'd actually risk a real security question here.
Any one seen the PassMark (www.passmarksecurity.com) security system
in action?
RGDS
GARY
- ---
Gary E.
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Gary E. Miller wrote:
Yo All!
I thought I'd actually risk a real security question here.
Any one seen the PassMark (www.passmarksecurity.com) security system
in action?
Yes.
Bank of Bangalore^H^H^H^H^H^H^H^H^HAmerica uses it, as well
I would agree as well, having recently reviewed them with others in the same field. Apart from relying on users to only enter their password if they saw an image, the solution heavily relied on cookie usage. This works fine for most people but a lot of corporate environments have persistant cookie
@lists.grok.org.ukSubject: Re: [Full-disclosure]
PassMark?I would agree as well, having recently reviewed
them with others in the same field. Apart from relying on users to only enter
their password if they saw an image, the solution heavily relied on cookie
usage. This works fine for most people but a lot