Favorite Files

No favorite files added yet

Recent Posts

1. Comment - 1/3 of Workers Write Down Passwords

   (Oct 19, 2006 - 4:30 AM)

   This quote from above is about as naive as they come:
   "Companies looking to ensure security should look beyond passwords to other authentication strategies."
   Most strong authentication technologies, and in particular OTP [one-time passwords], don't work when a user is disconnected. This is one reason passwords are likely not going away - users want to be able to work in hotel rooms, airports, their back yard, etc., often away from wired or wireless access. In these cases, a central server is unable to authenticate the user, but a locally cached password still works."
   
   You should also be reminded me that in multifactor authentication one of the factors is frequently a password, something that won't disappear for a while. So when most security experts recommend doing away with passwords entirely they should re-think and amend that to be a recommendation to do away with passwords as the sole method of authentication.
   
   The problem is not the legislation but the culture of the organizations who heve been either negligent or too bone idle to take data protection seriously.
   (Some content courtesy of an article in Network World last week).