Recently,Dan Shafer wrote: > At least one of these I've seen doesn't actually require the user to > remember what picture/phrase was chosen except on it being shown. > IOW, I choose a picture of a baseball and the word "homer" as my > confirmations. When I log in with my usual user ID and password, the > server presents those symbols and asks me to confirm that they are > the ones I chose. Or it presents, say, three sets of pictures and > associated words and asks me to pick the one I chose. > > The idea is less for the server to identify me than it is for me to > be confident that I'm at the right, authentic server. If I choose my > picture and word wisely, it's just dead simple.
Yes, this is exactly the point (bots and keyloggers not withstanding) -- for users to verify that they have indeed landed on an authentic site and not a phishing expedition. However, if multiple institutions start using this method, as well as other processes such as software registration for example, you probably *will* have to start remembering the pictures/phrases, because your logins will be different for each server. Regards, Scott Rossi Creative Director Tactile Media, Multimedia & Design ----- E: [EMAIL PROTECTED] W: http://www.tactilemedia.com _______________________________________________ use-revolution mailing list use-revolution@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution
