Just another Perl shrine | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Just to pick on this idea a bit...
Provide the option for all monks to generate a relatively small list of disposable passwords (similar to a one-time pad). The monk in question would retain this list and use each password in sequential order only when logging in from a machine in a public setting. Once he/she logs out, the password that was used is invalidated thereby rendering a sniffer/keyboard logger completely ineffective.As often as not, I don't know ahead of time that I'll be logging in from a PAT or hotspot. So I'd first have to login "unsecurely" in order to login "securely". This is not to diminish the fact that this is a hole. Now, being nearly completely security-naive, does TLS get us anywhere? -QM In reply to Re: Public Access Terminals and Account Integrity.
by QM
|
|