> sites. Now that nearly everyone carries a phone that can be your > hand-held-authenticator and/or receive text messages the old excuses > of high cost and social acceptance are fading.
Two factor auth is indeed great and I am all in favor of adding more hoops for an attacker to jump through. Don't forget that now we need to worry about the security of the mobile phones on which we intend to receive the authentication messages: http://www.google.com/search?q=zeus+intercept+sms Two-factor auth on phones is being attacked in the wild. -- Tracy Reed http://tracyreed.org
pgpOj7I04CGvS.pgp
Description: PGP signature
_______________________________________________ Tech mailing list [email protected] http://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
