Strong passwords will be a necessary evil for the foreseeable future. How many phones, public/coffee terminals, and home computers have biometric authentication gadgets? How many of these gimmicks work together? My users need the ability to access nearly everything on our systems, from anywhere. This includes our WAP portal, email from their phone, our various web-apps, SSH/terminal servers, and their IMAP/SMTP email clients. How many of these systems could even possibly function with anything but passwords? Take the IMAP/SMTP system for example: how would you tie biometric authentication into standard SMTP AUTH? How about a web app - how is a fingerprint entered there? Or consider our WAP gateway: how are users going to enter a fingerprint on their phones?
We can't just mandate that users access our systems from "approved" sources - that flies in the face of what management is asking for: a system accessible anywhere, with reasonable security precautions in effect.
Though centralized authentication schemes like LDAP are working well for us, "legacy systems" (i.e. accounting, payroll, and factory/inventory management) don't integrate with central authentication systems. Meaning that's yet another password to remember...
With users accessing our systems from so many sources, strong and frequently changed (90-180 days) passwords are a necessity. Though they need the ability to save them:
1) How important is the data in your wallet/purse? Why not just write the passwords down, store them in your wallet/purse, and then manage that. After all, if your wallet/purse has been stolen or rummaged through, there's a good chance you'll know.
2) Consider this two-factor authentication system:
Something you have: cell phone
Something you know: password to program
How many folks now have MIDP/Java enabled phones? Why not provide them with an app to securely save their passwords on their phone? With a tool like FreeSafe they could not only store all their passwords on their cell phone, they can generate both random new passwords and One Time Password hashes.
Now if FreeSafe could only store notes, and have some sort of backup capability (which the developer says he's working on)...
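As an added illustration of what the two-factor scheme in item 2 boils down to (this is example code written for this page, not the original post's and not FreeSafe's code or file format): the master password is stretched with PBKDF2 into keys that seal each stored entry, new passwords come from the OS CSPRNG, and the "One Time Password hashes" are modelled as an S/KEY-style hash chain, where the server is enrolled with the top of the chain and each login reveals the next value down. The iteration count, the HMAC-SHA256 counter-mode keystream, the entry layout and the chain length are all assumptions chosen for the example.

```python
import hashlib
import hmac
import os
import secrets
import string

# Constructed example: a minimal model of a phone-resident password safe.
# Master password (something you know) -> PBKDF2 keys; entries are sealed with
# an HMAC-SHA256 counter-mode keystream and a separate HMAC tag. The parameters
# and the OTP hash-chain design are assumptions, not FreeSafe's format.
KDF_ITERATIONS = 200_000
NONCE_LEN = 16
TAG_LEN = 32
PASSWORD_ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_=+"


def derive_keys(master_password, salt):
    """Stretch the master password into separate encryption and MAC keys."""
    km = hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                             salt, KDF_ITERATIONS, dklen=64)
    return km[:32], km[32:]


def _keystream(enc_key, nonce, length):
    """HMAC-SHA256 in counter mode: a PRF-based keystream bound to one nonce."""
    blocks, counter = [], 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(enc_key, nonce + counter.to_bytes(4, "big"),
                               hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def seal(enc_key, mac_key, plaintext):
    """Encrypt-then-MAC one safe entry, with a fresh random nonce per entry."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(enc_key, mac_key, blob):
    """Verify the tag before decrypting; a wrong master password fails here."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong master password or tampered entry")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def generate_password(length=16):
    """Random password from the CSPRNG (secrets), i.e. 'generate new passwords'."""
    return "".join(secrets.choice(PASSWORD_ALPHABET) for _ in range(length))


def otp_chain(seed, n):
    """S/KEY-style chain: h0 = H(seed), h_i = H(h_{i-1}). The phone keeps the
    chain; the server is enrolled with h_n and is shown h_{n-1}, h_{n-2}, ... in turn."""
    chain = [hashlib.sha256(seed).digest()]
    for _ in range(n):
        chain.append(hashlib.sha256(chain[-1]).digest())
    return chain


class OtpVerifier:
    """Server side: accept candidate c only if H(c) equals the last accepted value."""

    def __init__(self, enrolled_hash):
        self.last = enrolled_hash

    def verify(self, candidate):
        if hmac.compare_digest(hashlib.sha256(candidate).digest(), self.last):
            self.last = candidate  # advance the chain; this value can never be replayed
            return True
        return False


def demo():
    """Round-trip a stored password and walk the OTP chain; returns what happened."""
    salt = os.urandom(16)
    enc, mac = derive_keys("correct horse battery staple", salt)
    stored = seal(enc, mac, b"imap: " + generate_password().encode())
    recovered = unseal(enc, mac, stored)
    wrong_enc, wrong_mac = derive_keys("wrong password", salt)
    try:
        unseal(wrong_enc, wrong_mac, stored)
        wrong_rejected = False
    except ValueError:
        wrong_rejected = True
    chain = otp_chain(os.urandom(32), 5)
    server = OtpVerifier(chain[5])
    first = server.verify(chain[4])   # accepted
    replay = server.verify(chain[4])  # rejected: H(h4) is no longer the stored value
    second = server.verify(chain[3])  # accepted
    return {"recovered": recovered, "wrong_rejected": wrong_rejected,
            "first": first, "replay": replay, "second": second}


if __name__ == "__main__":
    print(demo())
```

The point of the chain is that a server which stores only h_n learns nothing useful for the next login from an observed h_{n-1}, since inverting the hash is infeasible; the phone, not the server, holds the secret seed, and the master password protects the phone-side store if the handset is lost.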