Passport for Linux On the Way
mrsam writes "PCWorld reports that
Microsoft comissioned
Ready-to-Run Software,
a small software vendor,
to port the Passport server software
to Solaris, Red Hat Linux, AIX, and HPUX. Oh, joy."
← Back to Stories (view on slashdot.org)
Do we see the problem here yet?
/bin/login) don't enforce a delay between guesses.
Not really. A PIN only works if you have the hardware token that goes with it, it's easy to see if your hardware token is missing and you can have it invalidated without needing access to it, and it's very difficult too automate cracking PINs - you can't attach a machine to an ATM and even if you could, the ATM will enforce delays so that guessing a PIN will take a long time.
A password, on the other hand, doesn't need a hardware token (not many people use SecurID), you might not know if its been stolen until it's too late, often it cannot be invalidated without you (or someone else) accessing the same system that it formerly protected, and many systems (unlike
What was your point again?