Circa 2003-01-08 15:20:27 -0500 dixit Derek Simkowiak:
: You should at least require a memorized password in addition to the
: client cert. But passwords are easily caught; a handicam with a big
: zoom lens does the trick. Bigger companies usually require a
: SecurID token or biometric (i.e. handprint). For a cool toy see
:
http://www.thinkgeek.com/gadgets/security/5a6c/.
For an explanation of why that's only a cool toy and not real
authentication, see:
http://www.counterpane.com/crypto-gram-0205.html#5
- --
jim knoble | jmknoble@??? |
http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
"I am non-refutable." --Enik the Altrusian