[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: how can you verify that the site you get is not a fake?



On Mon, 2005-06-06 at 10:50, bruce wrote:
> so...
> 
> the obvious solution (at least to me...) is to get rid of the need for a
> user to use the keyboard for entering the password....
> 
> so if i have a solution that allows the user to more or less know that the
> site that he/she is on is the correct site, as well as a process that allows
> the user to access/authenticate that he/she is indeed the actual user, then
> we might have something...
> 
> if you're dealing with a browser/internet system, i'm of the opoinion that
> it's time we start thinking about geting rid of text based passwords...
> they're too cumbersome to be secure, and once you start dealing with more
> than a few sites.. who really goes through the trouble to generate and
> remember really secure passwords...

Client certificates for ssl/https provide this if you want to pay for
them and then make sure they don't get stolen.

-- 
  Les Mikesell
   lesmikesell gmail com



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]