Bill Stewart wrote:
Yup. It's the little keychain frob that gives you a string of numbers,
updated every 30 seconds or so, which stays roughly in sync with a server,
so you can use them as one-time passwords
instead of storing a password that's good for a long term.
So if the phisher cons you
oh, and this is old discussion of a unit that has been in use in europe
... it basically is very inexpensive calculator with 7816 contacts that
you can slip a smartcard into. it is used in a challenge/response
scenario, a numeric keypad is used to enter the challenge, which is
passed to the
R.A. Hettinga wrote:
Okay. So AOL and Banks are *selling* RSA keys???
Could someone explain this to me?
At 12:24 PM 1/4/2005, Trei, Peter wrote:
The slashdot article title is really, really misleading.
In both cases, this is SecurID.
Yup. It's the little keychain frob that gives you a string
On Tue, Jan 04, 2005 at 03:24:56PM -0500, Trei, Peter wrote:
R.A. Hettinga wrote:
Okay. So AOL and Banks are *selling* RSA keys???
Could someone explain this to me?
No. Really. I'm serious...
Cheers,
RAH
The slashdot article title is really, really misleading.
In
Bill Stewart wrote:
That's still a serious risk for a bank,
since the scammer can use it to log in to the web site
and then do a bunch of transactions quickly;
it's less vulnerable if the bank insists on a new SecurID hit for
every dangerous transaction, but that's too annoying for most customers.
Okay. So AOL and Banks are *selling* RSA keys???
Could someone explain this to me?
No. Really. I'm serious...
Cheers,
RAH
http://www.nytimes.com/2004/12/24/technology/24online.html?oref=loginpagewanted=printposition=
The New York Times
December 24, 2004
Banks Test ID Device
R.A. Hettinga wrote:
Okay. So AOL and Banks are *selling* RSA keys???
Could someone explain this to me?
No. Really. I'm serious...
Cheers,
RAH
The slashdot article title is really, really misleading.
In both cases, this is SecurID.
Peter