Hello All, > Date: Sun, 30 Dec 2001 11:44:28 -0500 > To: [EMAIL PROTECTED] > From: Geoffrey Turk <[EMAIL PROTECTED]> > Subject: [dgc.chat] Dealing with Passphrase Cracking > Bots and Motives for Initiating Them
[ MELTED ] > Also, remember that using a passphrase for account protection > means you are relying only on "something you know". Using public > key cryptography (digital certificates), you add in an extra security > measure: "something you have". By adding a digital certificate to the > login procedure for your DGC account, your gold holding is protected > against all passphrase attacks, because the cracker does not have > your digital certificate, which is stored securely in your web > browser. "Something you have" in this case really means "something your computer knows" which will cause proliferation of viruses which will harvest these digital certificates and send them to malicious people, while users will have false feeling of security. The real "something you have" is genetic code plus your birth date which will ensure that there is no malicious clone in action and even this is complicated with twins and other cases. Anyway it is rather religious discussion because there will always be the people who rely on something they know and the people who rely on something they have. e-Gold in its present state is good for advanced users who are able to remember long and complex passphrases and want more freedom in account management while the systems with digital certificates are good for average users who are not able to remember their passphrases. May be some sort of vitamin may help to improve memory capabilities for average users? Any ideas or opinions? Respectfully yours, Dmitry Salnikov, http://dmitry-salnikov.com/index.htm International business catalogue for e-gold users, http://dmitry-salnikov.com/veda.htm Gold Web Ring traffic maker for e-gold sites, http://o.webring.com/hub?ring=gold FreeBSD, Linux, C/C++, Perl, ... Web software development services, English / Russian translations. --- You are currently subscribed to e-gold-list as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] http://www.e-gold.com/stats.html lets you observe the e-gold system's activity now!
