[EMAIL PROTECTED] wrote:
I've had the same 4 digit PIN on my ATM card for about 20yrs and my account hasn't been cracked yet.
Not a fair comparison. ATM authentication is two factor: something you have (your ATM card) and something you know (your PIN). Passwords are single factor: something you know. Two factor authentication for system login would lessen the complexity requirements for passwords. For instance, if your system required a fingerprint scan and a PIN number, said PIN number could be four digits and you'd be fine. This is also two factor: something you are and something you know.
Two factor authentication is -much- stronger than sinble factor and generally much easier for users to deal with. However, it costs more.
Mike -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
