On Wed, 26 Apr 1995, Carl Jolley wrote:
> I recently heard about an interesting twist on dial-back security. With
> this product, a remote user dials a server and provides a user-id. This
> server then calls a pager assigned to this person and provides a one-time
> password. The person who initiated the call then uses the one-time
> password from their beeper to complete the logon. This approach is
> interesting to me for several reasons: 1) it could allow for the
> elimination of the requirement for a separate hardware device or list of
> one-time passwords that could be stolen or lost (or in the case of a paper
> list, copied), 2) it supports mobility, i.e., the remote user is not
And I sit there knowing what paging company that you use and utilize my
Universal Radio M-400 Paging Decoder and get a password... now, if you
had an encrypted password, that the user had to unscramble based on a
particular key, that would be more secure, but paging is done on a clear
channel.
Christopher Davies | Voice: +1-301-513-0163
24 Hour Computers | Fax: +1-301-513-0165
Washington DC Area USA | Data: +1-301-513-5297
Emergency Service/Sales | Internet: Chris @
24hour .
com
Follow-Ups:
References:
|
|
