two-factor-authentication-hysteria-continues
As I predicted, the hysteria around the , well, hysteria in the information security blogosphere, which is a pretty small par...
As I predicted, the hysteria around the , well, hysteria in the information security blogosphere, which is a pretty small part of the blogosphere.
As I discussed before, this is a failure of mutual authentication not two-factor authentication. Here are some the headlines:
- Fraudsters defeat two-factor authentication
- Phishers rip into two-factor authentication Phishers crack two-factor authentication
On the other hand, and sadly in the minority, zencoder has it right: Pundits Blaming 2-Factor Authentication…Again
you can’t use 2-factor authentication to protect a telnet session and expect it to be valid hosts guaranteed on both ends…telnet doesn’t have that sort of capability built into the protocol; but that’s not a problem with the 2-factor auth.
Security Curve, is also on the right track transaction authentication to make financial services acceptably secure online.
I think we do as much of a disservice to the Internet community when we inaccurately blame technology as when we inaccurately promote it as a silver bullet.


two-factor-authentication-hysteria-continues
Sorry, should have put a xD ;) grin (or insert your emoticon of choice here) after my crack-smoking statement. Was meant as a humrous/jibe reply. In re-reading, it comes across much harsher than I intended. My bad.