Slashdot Mirror

← Back to Stories (view on slashdot.org)

Testing Commercial 2-Factor Authentication Systems?

Posted by Cliff on from the shouldn't-trust-security-to-a-usb-key dept.

Fry-kun asks: "I recently became interested in setting up a 2-factor authentication system for my laptop. With that in mind, I bought a fairly inexpensive USB key. Although it seems to work, I can't bring myself to trust it completely: Kensington claims that the system is secure, but there is no independent security lab analysis of the product. In other words, for all I know, there may be a gaping hole in their security setup. Worse yet, there are apparently no reviews of the product, no mention of anyone trying to test it and no hardware hackers tried to make it work in Linux, even though it's been out for over 2 years. How would you go about making sure that a security product does what it claims to?"

2 of 56 comments (clear)

  1. Easy by doroshjt · · Score: 2, Funny

    Throw away USB key, then try with all your might to get to your files, if you can, you got a crappy product, if you didn't congrats you won.

    You don't work for the VA do you?

  2. At CES by GiovanniZero · · Score: 2, Funny

    When I was at CES I remember seeing something for this. I'm trying to remember their name. Let's see, they had those hot girls wearing the revealing police uniforms... arg, I don't seem to remember much past that.

    Sorry :(

    --
    Mod me up, mod me down, do your worst you modding clown.