Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Keylogging Hacks

Roy Schestowitz wrote:
(...)
On-line banks appear to prefer variantions which take random permutations of
subsets from the password string. If all is on top of HTTPS, keyboard spying
must be the concern.

The answer is clear - two-factor authentication.
It doesn't matter if they keylog me - well, it does because they see what I do, but they can't use that information to gain access a second time. They would have to steal my token and somehow learn its activation code for this.
American banks seem to want to be cheap in this respect though :)
( Some banks just distribute loads of one-time pads )


I think there's a conference of security in the banking industry on at the moment - might poke my nose in if they have anything on the topic.

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index