Hi, all Something that's been discussed here (a while back) is the dichotomy between what you have and what you know, with respect to proving who you are, or that you should have access to something. One thing that a lot of people who are concerned about security already have is a PGP/GPG key. If you have one, you can use your public key to avoid ever using your password again on a Shadowcash system.
To try this on the demo, follow along: 1. Open an account (you don't have to verify an address, but if you don't have an email address that works in the system, this won't work). 2. Go to "Edit Account" (if you just created an account, you're there). 3. Enter an Account Recovery Email there at the top, and put in your public key in the field at the bottom provided for it. Don't bother with the "verify this now" checkbox for now. Update your info. 4. Go to "Security Options", and select "Allow Profile Recovery using the email address supplied in Contact Info". Update options. 5. Go to "Other Options", and check "Cryptographically encrypt emails to me". Make sure "Cryptographically sign emails to me" is also checked, but it should be already. Update options. 6. Log out. 7. From the Login screen, click "recover your Profile" (Profile means 'Account', here; it's changable). 8. Enter your username, and press "Send Profile Recovery". You should shortly receive a signed, encrypted email from the system. When you open it, you'll see a link to use to access your account. It defaults to the screen where you can change your password, but you don't have to use it for that! You can just use the link, and move about the site normally. If you repeat 7 and 8 every time you want to access your account, you'll never have to send your password over the network, and someone using a keystroke logger on your system will have the harder job of acquiring your private key in order to access your account. Of course, since you'll never have to use it, you can make the password for your account truly random, including punctuation, etc, and forget it. :) -- Randall Randall <[EMAIL PROTECTED]> 'Institute regime change everywhere... to "None of the above."' -- Alex Future Bokov --- You are currently subscribed to e-gold-list as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
