Re: [Exim] restricting AUTH Plain/Login to TLS connectionsy

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Jim Knoble
Datum:  
To: exim-users
Betreff: Re: [Exim] restricting AUTH Plain/Login to TLS connectionsy
Circa 2003-01-08 15:20:27 -0500 dixit Derek Simkowiak:

: You should at least require a memorized password in addition to the
: client cert. But passwords are easily caught; a handicam with a big
: zoom lens does the trick. Bigger companies usually require a
: SecurID token or biometric (i.e. handprint). For a cool toy see
: http://www.thinkgeek.com/gadgets/security/5a6c/.

For an explanation of why that's only a cool toy and not real
authentication, see:

http://www.counterpane.com/crypto-gram-0205.html#5

- --
jim knoble | jmknoble@??? | http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
"I am non-refutable." --Enik the Altrusian