trojan problem (password protection)
Billy Verreynne (JW)
VerreyB at telkom.co.za
Fri Jan 27 11:19:23 UTC 2006
Michael T. Richter:
> Use a decent password management system (strongly encrypted)
> and it's not an issue.
But then that is a case of all eggs in a single basket. If that vault
is compromised, then all your accounts are wide open to attack.
It is also much easier to attack the vault from a social engineering
and technical perspective - especially as the vault (usually) resides
locally on Mr/Mrs User PC. A very vulnerable environment...
Not saying that the vault (aka wallet method) is not a working
solution. But we must realise that the whole password authentication
model is severely flawed.
--
Billy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This e-mail and its contents are subject to the Telkom SA Limited
e-mail legal notice available at
http://www.telkom.co.za/TelkomEMailLegalNotice.PDF
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the ubuntu-users
mailing list