Chris Liljenstolpe <Chris .
com> noted that CryptoCard:
>... offers an SNK type mechanism with 1-3 keys. However, you can also set it
>up with a "split 1 key" where two different security officers each enter a key
>into the server and card. The card and server then combine those two keys
>into one key. This keeps the card safe even if one security officer is
I like that. Even if it is the sort of fandangle that security
managers grin about but never buy or use. My compliments to Steve Seal
com> in Ontario.
Another good example of those smile-but-don't-buy features was the
duress code Padgett mentioned:
*I do not know of a single token vendor who
>provides the capability for a "duress code" into their product.*
Actually, SDI provided a duress code option for their SecurID for
the first 3 or 4 years, if memory serves -- but I never heard of a single
company using it. I think SDI quietly dropped it and no one noticed.
(Maybe SDI would provide it as a special feature if requested. They have
the code, and it's long since gone through their extended QA process.)
Padgett also noted:
>...a SecurID token is the one which rested in my wallet while
>I went white-water rafting in Alaska.... It survived but the credit
>card in the next slot broke.
Next time you take an adventure vacation, ask SDI for one of their
new "key fob" tokens. The SecurID card has gotten sturdier over the years,
but the key fob allowed them to escape the bend-and-bust syndrome. It
should survive even if you lose the raft, next time you go white water
(I suggested they pass them out to the crew of "tunnel rats"
working on the third harbor tunnel here in Boston, and then collect stats
on the failure rates for an ad. But the SDI marketing department doesn't
pay much attention to me. And I've got to admit, they've done fairly well
without my guidance.)
Vin McLellan +The Privacy Guild+ <vin @
53 Nichols St., Chelsea, Ma., USA Tel: (617) 884-5548