| Morgan Wajda-Levie on Wed, 8 Sep 1999 21:52:55 -0400 (EDT) |
|
On Wed, Sep 08, 1999 at 06:23:05PM -0700, Nick R wrote: > Later versions of Foolproof are pretty good. The earlier versions were > pretty easy to get around (actually extremely easy). But, (and I forget > whether this is an NT security bug or a Foolproof one) there's an obscure > bug that allows you (once in a while) to access files you're not supposed to > through IE. You just have to keep trying and eventually you'll get in. I > hope somebody can clear up the confusion as to where this security flaw lies > (NT or Foolproof). It's been too long. > > Just to clarify, I want a scheme that does NOT just require a password. It > must use something harder to just look at somebody's keyboard or tell a > buddy, like a keycard or something. Isn't this a bit overkill? If everbody's going to have an account, and people with super accounts are careful, you don't have much to lose. If a student types really slowly, then he's just asking to have his password copied. And it's not as if there aren't easier ways to impersonate a kid through e-mail. If you really do have a reason for keycards and all that stuff, go to it. I just think it's a bit unecessary, and probably *very* expensive. My 2 cents. -- Morgan Wajda-Levie http://www.worldaxes.com/wajdalev PGP fingerprint: A353 C750 660E D8B6 5616 F4D8 7771 DD21 7BF6 221C http://www.worldaxes.com/wajdalev/public.asc for PGP key encrypted mail preferred Attachment:
pgpU6vgnv7dg4.pgp
|
|