*** Skelroy has quit (Ping timeout: 246 seconds) | 08:29 | |
*** Skelroy_ (~Skelroy@71-85-217-74.dhcp.stls.mo.charter.com) has joined #wikid | 08:29 | |
*** Skelroy_ has quit (Ping timeout: 246 seconds) | 08:36 | |
*** Skelroy_ (~Skelroy@71-85-217-74.dhcp.stls.mo.charter.com) has joined #wikid | 13:01 | |
*** nowen (~nowen@adsl-98-66-180-42.asm.bellsouth.net) has joined #wikid | 14:03 | |
*** nowen has quit (Remote host closed the connection) | 16:19 | |
*** nowen (~nowen@adsl-98-66-180-42.asm.bellsouth.net) has joined #wikid | 16:19 | |
*** __TOM (~wtfnom@38.103.49.130) has joined #wikid | 19:21 | |
__TOM | nick, you around? | 19:21 |
---|---|---|
nowen | yes | 19:21 |
__TOM | had a quick Q regarding unlocked vs locked soft tokens for windows/mac | 19:21 |
nowen | ok | 19:22 |
__TOM | i guess i'm looking for an answer regarding how unlocked is less secure than the locked version | 19:22 |
__TOM | when the token registers with the server do they not generate a separate pub/priv keypair? | 19:22 |
__TOM | so if user A has 2 computers | 19:22 |
nowen | the locked tokens pull data from the machine during registration such as the CPU identifier or mac address and hash it | 19:23 |
nowen | this hash must match for each OTP request | 19:23 |
nowen | it prevents unsophisticated users from moving the token | 19:23 |
nowen | also, it has a variable pin pad | 19:23 |
__TOM | with the unlocked token, they can choose to move it at will? | 19:23 |
nowen | which may help thwart keyloggers | 19:23 |
nowen | yes | 19:23 |
__TOM | wouldn't they need to reregister? | 19:24 |
nowen | no, they move the file that has the keys which are registered | 19:24 |
__TOM | ohhh | 19:24 |
__TOM | i see. | 19:24 |
__TOM | and if there are no additional steps for implementing a locked token, is there a reason one would not implement locked tokens only? | 19:24 |
__TOM | and is this a concern for mobile devices like android as well? | 19:25 |
__TOM | like is the android client considered locked? | 19:25 |
__TOM | FYI I'm starting a live pilot very soon, just as a heads up since I've had this installed under demoware for quite some time sitting idle. | 19:26 |
nowen | it is not, but it is considered harder to get info off of it. obviously, that is a moving target. users certainly don't do it | 19:26 |
nowen | on those devices we can add stuff like location down the road | 19:27 |
__TOM | i see. okay thanks. | 19:28 |
*** nowen has quit (Quit: Leaving.) | 21:00 |