Ed Gerck wrote:

> (UI in use since 2000, for web access control and
> authorization) After you enter a usercode in the first
> screen, you are presented with a second screen to
> enter your password. The usercode is a mnemonic
> 6-character code such as HB75RC (randomly generated,
> you receive from the server upon registration). Your
> password is freely chosen by you upon
> registration. That second screen also has something
> that you and the correct server know but that you did
> not disclose in the first screen -- we can use a
> simple three-letter combination ABC, for example. You
> use this to visually authenticate the server above the
> SSL layer. A rogue server would not know this
> combination, which allays spoofing considerations --
> if you do not see the correct three-letter
> combination, do not enter your password.
No one is going to check for the correct three-letter combination, because it is not part of the work flow, so they will always forget to do it.

It might work if you have something that dramatically alters the overall look of the page and organization of the page, such as a big skin with a big graphic, editable by user, and initially randomly generated per user. If you put the fields in different places, depending on the user, then the user will have to pay attention when fields are not where he expects them to be.

It would also help if you made the login page extensively user customizable, and ask the user to customize it in order to protect himself against phishing. When suddenly his customizations vanish, he will instantly and instinctively feel that what is his has been taken, and appropriately perceive himself to be under attack.

But a better solution would be to use SRP or J-PAKE so that a successful phish fails to reveal the password. Unfortunately, for reasons that are entirely unclear to me, there is passionate resistance to building J-PAKE or SRP into the browser - we need a UI in the browser, and a PHP module on the server, to make these actually usable.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
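The PAKE property the reply relies on, that a phishing site which runs the login exchange still learns nothing it can turn into the password, is easy to see in a minimal SRP-6a run. The following is an added example, not code from the thread or from any SRP library. It uses a toy 128-bit safe prime generated at import time instead of an RFC 5054 group, a simplified proof construction (M1 = H(A, B, K), M2 = H(A, M1, K)) rather than the exact RFC 2945 one, and the hypothetical class names SrpClient and SrpServer; the username "hb75rc" and password are constructed sample values. Three scenarios are run: an honest login, a wrong password, and a rogue server that holds no verifier and so sees only A = g^a and the proof M1, neither of which lets it finish the handshake.

```python
import hashlib
import secrets

# ---- toy group parameters (assumption: demo-sized, NOT a real SRP group) ----

def is_probable_prime(n, rounds=32):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_safe_prime(bits):
    """Return N = 2q + 1 with both q and N prime (toy size, demo only)."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1

N = generate_safe_prime(128)   # real deployments use the RFC 5054 groups
g = 2

def to_bytes(n):
    return n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")

def H(*parts):
    """SHA-256 over a mix of byte strings and big-endian integers."""
    h = hashlib.sha256()
    for p in parts:
        h.update(p if isinstance(p, bytes) else to_bytes(p))
    return h.digest()

def H_int(*parts):
    return int.from_bytes(H(*parts), "big")

k = H_int(N, g)   # SRP-6a multiplier (simplified: no padding of g)

class SrpClient:
    """Client side: the password never leaves this object."""
    def __init__(self, username, password):
        self.I, self.P = username, password
        self.a = secrets.randbelow(N - 2) + 1
        self.A = pow(g, self.a, N)        # first message: A = g^a, independent of the password
        self.K = self.M1 = None

    def respond(self, salt, B):
        """Consume the server's (salt, B); return proof M1, or None if B is invalid."""
        if B % N == 0:
            return None
        x = H_int(salt, H(self.I.encode() + b":" + self.P.encode()))
        u = H_int(self.A, B)
        S = pow((B - k * pow(g, x, N)) % N, self.a + u * x, N)
        self.K = H(S)
        self.M1 = H(self.A, B, self.K)
        return self.M1

    def verify_server(self, M2):
        """Only a server that knew the verifier can produce M2."""
        return M2 is not None and secrets.compare_digest(M2, H(self.A, self.M1, self.K))

class SrpServer:
    """Honest server: stores (salt, v = g^x) per user, never the password."""
    def __init__(self):
        self.verifiers, self.sessions = {}, {}

    def register(self, username, password):
        salt = secrets.token_bytes(16)
        x = H_int(salt, H(username.encode() + b":" + password.encode()))
        self.verifiers[username] = (salt, pow(g, x, N))

    def challenge(self, username, A):
        if A % N == 0:
            return None
        salt, v = self.verifiers[username]
        b = secrets.randbelow(N - 2) + 1
        B = (k * v + pow(g, b, N)) % N
        self.sessions[username] = (A, B, b, v)
        return salt, B

    def verify_client(self, username, M1):
        """Return M2 if the client's proof matches, else None."""
        A, B, b, v = self.sessions.pop(username)
        u = H_int(A, B)
        K = H(pow(A * pow(v, u, N), b, N))
        if M1 is None or not secrets.compare_digest(M1, H(A, B, K)):
            return None
        return H(A, M1, K)

def honest_login(username="hb75rc", password="correct horse"):
    server = SrpServer()
    server.register(username, password)
    client = SrpClient(username, password)
    salt, B = server.challenge(username, client.A)
    M2 = server.verify_client(username, client.respond(salt, B))
    return client.verify_server(M2)

def wrong_password_login():
    server = SrpServer()
    server.register("hb75rc", "correct horse")
    client = SrpClient("hb75rc", "wrong guess")
    salt, B = server.challenge("hb75rc", client.A)
    return server.verify_client("hb75rc", client.respond(salt, B)) is None

def phished_login(username="hb75rc", password="correct horse"):
    """Rogue server with no verifier: it captures A and M1 but cannot compute K."""
    client = SrpClient(username, password)
    b = secrets.randbelow(N - 2) + 1
    M1 = client.respond(secrets.token_bytes(16), pow(g, b, N))   # rogue sends B = g^b
    fake_M2 = H(client.A, M1, H(pow(client.A, b, N)))            # A^b is not the client's S
    return client.verify_server(fake_M2), {"A": client.A, "M1": M1}
```

In the phished run the client's M1 is bound to S = (B - k*g^x)^(a + u*x), which the rogue cannot evaluate without either the verifier v or the client's ephemeral a; the captured transcript therefore yields at most one online guess per session, which is the property the reply is after. Note that the client still sends M1 before the server has proved itself, so this does not replace the "customize your login page" idea for resisting a visual spoof; it removes the password from what a spoof can collect.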