On 10 November 2012 12:48, Herndon Elliott <[email protected]> wrote: >> Subject: [Pauldotcom] Soft Tokens?? >> What are your thoughts on software tokens as a two factor auth solution? >> Would like to hear both sides. And if your 'for' then which >> solutions/products have you used. And by all means if you have pwn'd a two >> factor soft token login, please share (if you can). > > Isnt "two factor" and "software token" mutually exclusive? While a > software implementation of two factor may emulate the actual hardware > (the second factor), isnt it actually, really not two factor? Its one > factor, something you know. The something you have is now just > another app that the user doesnt really provide?
I'd disagree with that, an RSA token is just software running on a custom piece of hardware. What is the difference between the RSA token and an app running on my Android phone when both are generating authentication codes. Not saying the app is as secure as the hardware token just a different way to implement it. Robin > > Sorry, I have nothing of value to add.... > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
