> Some examples of easy to remember possibilities: > turing number: abcdef 123456 > reverse: fedcba 654321
But how do you communicate the 'reverse / offset 3 right' etc. instructions? They are simple algorithms that can be programmed by a cracker and I think really lower usability. > Once this becomes possible, I would like to have the option to have an > automatic > email message sent to me whenever somebody tries to log into my > account , with the > correct password but wrong response to the turing number. > This would mean that somebody has found my passphrase and is trying to > crack the > turing code. This is potentially insecure because the server is providing information about WHY a login failed. It would need to be encrypted or else someone could intercept it. Even the event of sending the email could denote partial success. Fun to think about though, Jeff --- You are currently subscribed to e-gold-list as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
