James Longstreet wrote:
On Mar 26, 2006, at 12:12 PM, Anders B Jansson wrote:
And even then they fail the actual user has a gun at his temple.
Frankly, this is true of just about any authentication scheme.
Exactly, so how far should you drive your requirements for an authentication
scheme?
Pushing requirements to far will lead to weaker security and higher cost
without any gain.
--
// hdw
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
