>
> >> Whilst one-time keycards are nice, ones such as S/Key are also "dangerous".
> >
> >> If you're attending a conference (and have a name tag), or travelling,
> >> you're going to take your s/key list or other with you...whilst the
> >> security seems well and good, it does, however, reduce the skill required
> >> to get `in' to someone who is good at picking pockets...and what do you do
> >> if you `lose' your `card' ? Can you call back to work, 24 hours a day and
> >> report it missing ?
> >
> >you could keep your s/key list encrypted on a laptop.
> >
> >josh
>
> Isn't the design intention of S/key that one generates one-time
> passwords (using memorized secret key) on-the-fly? I thought
> that carrying around lists of pre-generated passwords was a compromise
> for when one didn't have a local key generation system (though I know
> there are considerations running the key software on X networks, where
> one may accidentally run the key generator on a remote host, thus
> passing the secret password in clear text via telnet). But if you've
> got a laptop, why pre-generate keys, and then encrypt them? Just
> generate them as needed. S/key is available for DOS and Macs.
Wish I was rich enough to be able to afford such luxuries.
Neither is it always as convenient.
Hmm, maybe I just expect too much.
darren
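
The trade-off discussed in this thread, as an added example that is not part of the original messages: a hash-chain one-time password scheme in the style of S/Key, showing that an entry from a pre-generated list is accepted without the memorized secret, while on-the-fly generation leaves nothing to carry. It uses MD5 folded to 64 bits as an assumption and is not claimed to interoperate with real S/Key calculators; all names and the sample secret and seed are constructed.

```python
import hashlib

def fold_md5(data: bytes) -> bytes:
    """MD5 digest folded to 64 bits by XORing its two halves (assumed hash step)."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))

def otp(secret: str, seed: str, seq: int) -> bytes:
    """Password number `seq`: hash seed+secret once, then apply the hash seq more times."""
    value = fold_md5((seed.lower() + secret).encode())
    for _ in range(seq):
        value = fold_md5(value)
    return value

class Server:
    """Stores only the last accepted password and its number, never the secret."""
    def __init__(self, seed: str, seq: int, last_otp: bytes):
        self.seed, self.seq, self.last = seed, seq, last_otp

    def challenge(self):
        return self.seq - 1, self.seed           # the number the user must answer

    def login(self, candidate: bytes) -> bool:
        if self.seq <= 0 or fold_md5(candidate) != self.last:
            return False                         # wrong, replayed, or chain exhausted
        self.last, self.seq = candidate, self.seq - 1
        return True

def pregenerate(secret: str, seed: str, start: int, count: int) -> dict:
    """The carried list: passwords start, start-1, ... computed ahead of time."""
    return {n: otp(secret, seed, n) for n in range(start, start - count, -1)}

def demo():
    secret, seed = "constructed passphrase", "ke1234"   # constructed sample values
    server = Server(seed, 100, otp(secret, seed, 100))  # enrolment
    seq, s = server.challenge()
    fresh = otp(secret, s, seq)                  # generated on the fly from memory
    first = server.login(fresh)
    replay = server.login(fresh)                 # same password again is refused
    sheet = pregenerate(secret, seed, 98, 3)     # what a printed list would hold
    seq2, _ = server.challenge()
    list_only = server.login(sheet[seq2])        # accepted with no secret involved
    return first, replay, list_only

if __name__ == "__main__":
    print(demo())
```
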