------------------------ Yahoo! Groups Sponsor --------------------~--> 
$9.95 domain names from Yahoo!. Register anything.
http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/jyXolB/TM
--------------------------------------------------------------------~-> 

AOL Moves Beyond Passwords for Log-Ons
Sep 20, 9:32 PM (ET)
By ANICK JESDANUN



NEW YORK (AP) - Passwords alone won't be enough
to get onto America Online under a new, optional
log-on service that makes AOL the first major
U.S. online business to offer customers a second
layer of security.

The so-called two-factor authentication scheme,
being unveiled Tuesday, will cost $1.95 a month
in addition to a one-time $9.95 fee. It is
initially targeted at small businesses, victims
of identity theft and individuals who pay a lot
of bills and conduct other financial transactions
through their AOL accounts.

Subscribers get a matchbook-size device from RSA
Security Inc. (RSAS) displaying a six-digit code
that changes every minute. The code is necessary
to log on, so a scammer who guesses or steals a
password cannot access the account without the
device in hand.

Two-factor authentication - whether through the
RSA device, biometrics or cards printed with
rotating lists of passwords - is common in
Scandinavia, Brazil, Singapore and selected
countries. In the United States, its use is
largely limited to employees accessing office
networks remotely, or people with high-value
financial portfolios.

AOL spokesman Andrew Weinstein said the time was
ripe to offer it as subscribers move more of
their sensitive personal, business and financial
information online.

The offering also comes as scammers increasingly
find ways to trick subscribers into giving their
passwords by sending e-mail disguised as
legitimate information requests.

And with so many sites now requiring passwords,
many Internet users have become careless: They
create easy-to-remember passwords that tend to be
easy to guess - or they write them down on sticky
notes and post them at their computers.

By requiring the second, rotating password, "you
don't have to remember complicated passwords to
still have good security," said Scott Schnell, a
senior vice president at RSA Security.

The second password will be required for checking
e-mail and accessing services tied to the AOL
account, including calendars, stock portfolios
and AOL's Bill Pay.

It won't protect services offered by third
parties on the open Internet, outside AOL's
walled gardens, except in cases where their
statements and other sensitive information are
sent to the AOL e-mail account. Nor is the second
password needed to use AOL Instant Messenger.

Gartner analyst Avivah Litan believes a "very
narrow set of consumers" - perhaps 5 percent to
15 percent of AOL's 30 million subscribers -
would sign up, but "you have to start somewhere."

She said AOL's offering likely would prompt other
Internet service providers and banks to consider
such systems more seriously, though the
prevailing belief these days is that customers
will find them difficult to use.

Just this summer, HSBC Bank USA began requiring a
second password to access its bill-payment
services.

That password is entered using an on-screen
keypad to thwart snoops who secretly install
software that records keystrokes as they are
typed on a regular keyboard.

Unlike AOL's service, though, neither password
automatically changes, nor is there a charge. 

http://apnews.myway.com/article/20040921/D857O9780.html




        
                
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail 

 

Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/E-MAIL_TRIVIA/

<*> To unsubscribe from this group, send an email to:
    [EMAIL PROTECTED]

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
 


Reply via email to