Morgan Wajda-Levie on Wed, 8 Sep 1999 21:52:55 -0400 (EDT)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [Plug] Re:NT/W95 Login Authentication Schemes


On Wed, Sep 08, 1999 at 06:23:05PM -0700, Nick R wrote:
> Later versions of Foolproof are pretty good. The earlier versions were 
> pretty easy to get around (actually extremely easy). But, (and I forget 
> whether this is an NT security bug or a Foolproof one) there's an obscure 
> bug that allows you (once in a while) to access files you're not supposed to 
> through IE. You just have to keep trying and eventually you'll get in. I 
> hope somebody can clear up the confusion as to where this security flaw lies 
> (NT or Foolproof). It's been too long.
> 
> Just to clarify, I want a scheme that does NOT just require a password. It 
> must use something harder to just look at somebody's keyboard or tell a 
> buddy, like a keycard or something.

Isn't this a bit overkill?  If everbody's going to have an account,
and people with super accounts are careful, you don't have much to
lose.  If a student types really slowly, then he's just asking to have
his password copied.  And it's not as if there aren't easier ways to
impersonate a kid through e-mail.

If you really do have a reason for keycards and all that stuff, go to
it.  I just think it's a bit unecessary, and probably *very*
expensive.

My 2 cents.

-- 
Morgan Wajda-Levie
http://www.worldaxes.com/wajdalev
PGP fingerprint:
A353 C750 660E D8B6 5616  F4D8 7771 DD21 7BF6 221C
http://www.worldaxes.com/wajdalev/public.asc for PGP key
encrypted mail preferred

Attachment: pgpU6vgnv7dg4.pgp
Description: PGP signature