Slashdot Mirror

← Back to Stories (view on slashdot.org)

Users feel Password Rage

Posted by CmdrTaco on Sunday September 7, 2003 @01:50AM from the hulk-no-can-log-in-hulk-smash-puny-pc dept.

Pcol writes "The Baltimore Sun is reporting on Password Rage, the frustration users have with the abundance of codes they are required to memorize. Some cope by remembering their passwords with the help of a tune or a phrase, some use three or four levels of passwords with the most complex protecting financial information, and others keep all their passwords in a database - protected by a password. Security experts say that with the increased use of biometrics, our reliance on passwords will lessen in the future. Until then, it's ok to cheat - but wisely."

2 of 388 comments (clear)

Min score:

Reason:

Sort:

Biometrics on it's own is weak authentication by Herrieman · 2003-09-07 02:02 · Score: 5, Interesting

Biometrics on it's own is still one-factor, and thus weak, authentication. To make it strong authentication, you still have to add:

- something you have (such as a token) or
- something you know (such as a password or pin :))

--
http://blog.astyran.sg
Re:USB keys by TCM · 2003-09-07 02:23 · Score: 5, Interesting

How does this protect malware to read it off your USB stick _and_ use it? Right, you protect your private PGP key with.. a password!

The only thing that comes to mind that's even remotely sophisticated is an "intelligent" USB stick, so to speak. It contains your private key and never gives that out to anything. Instead, it gets fed a challenge, encrypts it using the key and sends it back to the computer where the corresponding public key is stored.

Is anyone using something like this on a regular basis (for his home server/desktop)?

--
Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6