Home

Response to Hal's Post About Authentication

  • user warning: Table 'nolan.comments' doesn't exist query: SELECT COUNT(*) FROM comments WHERE nid = 295 AND status = 0 in /home/sneakin/web/nolan.eakins.net/includes/database.mysql.inc on line 120.
  • user warning: Table 'nolan.comments' doesn't exist query: SELECT c.cid as cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, c.homepage, u.uid, u.name AS registered_name, u.picture, u.data, c.score, c.users, c.thread, c.status FROM comments c INNER JOIN users u ON c.uid = u.uid WHERE c.nid = 295 AND c.status = 0 GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, u.picture, c.homepage, u.uid, u.name, u.picture, u.data, c.score, c.users, c.thread, c.status ORDER BY c.thread DESC LIMIT 0, 50 in /home/sneakin/web/nolan.eakins.net/includes/database.mysql.inc on line 120.
Submitted by sneakin on Tue, 2006/07/11 - 04:24.

Note: This is in response to Hal's feedback on ‘Simple factor is better than two-factor authentication’ where Hal gave praise to two-factor authentication.

That's complete bollucks. Biometrics are no more safer from sniffing than a good ole password. They're actually less safe since you can't exactly change your fingerprint, DNA, or iris pattern. The only place biometrics are safe is on something like Eutron's BioToken in which your fingerprint is used to unlock a private key on a crypto token.

Two factor authentication still is not the silver bullet for identity theft. What if you sniffed your password and then stole your second factor? I'm still in.

Something like a BioToken, where you enter your pass-phrase on a trusted device dedicated to encryption, is the most secure method available.

» add new comment

Ad's by Google