One-time-password and emails

Discuss the many weaknesses of browser security and ways to mitigate the threat

One-time-password and emails

Post by 0xBEEF1337 on Thu Jul 15, 2010 1:31 pm
([msg=41853]see One-time-password and emails[/msg])

Delete.
Last edited by 0xBEEF1337 on Sat Jan 29, 2011 3:28 pm, edited 2 times in total.
0xBEEF1337
Experienced User
Experienced User
 
Posts: 75
Joined: Wed Jul 07, 2010 11:34 pm
Blog: View Blog (0)


Re: One-time-password and emails

Post by Goatboy on Thu Jul 15, 2010 2:50 pm
([msg=41855]see Re: One-time-password and emails[/msg])

I've always liked the idea of keyfiles, similar to how they are implemented in TrueCrypt.

Basically I'd do away with the forgotten password altogether and instead have the user supply a keyfile that s/he chose ahead of time in such situations. A good keyfile might be a picture taken on his/her digital camera, and stored on a CD in a safe place. An MD5 of the keyfile is sent as "proof" of the user being authentic. Then s/he can log in and change the password.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2788
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: One-time-password and emails

Post by 0xBEEF1337 on Fri Jul 16, 2010 8:59 am
([msg=41903]see Re: One-time-password and emails[/msg])

Delete.
Last edited by 0xBEEF1337 on Sat Jan 29, 2011 3:28 pm, edited 1 time in total.
0xBEEF1337
Experienced User
Experienced User
 
Posts: 75
Joined: Wed Jul 07, 2010 11:34 pm
Blog: View Blog (0)


Re: One-time-password and emails

Post by Goatboy on Fri Jul 16, 2010 11:39 am
([msg=41912]see Re: One-time-password and emails[/msg])

Ahh, so your demographic includes morons. Yea, that'll be a challenge.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2788
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)



Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests