Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

Re: Public Access Terminals and Account Integrity.

by QM (Parson)
on Apr 14, 2006 at 14:36 UTC ( [id://543353]=note: print w/replies, xml ) Need Help??


in reply to Public Access Terminals and Account Integrity.

Just to pick on this idea a bit...
Provide the option for all monks to generate a relatively small list of disposable passwords (similar to a one-time pad). The monk in question would retain this list and use each password in sequential order only when logging in from a machine in a public setting. Once he/she logs out, the password that was used is invalidated thereby rendering a sniffer/keyboard logger completely ineffective.
As often as not, I don't know ahead of time that I'll be logging in from a PAT or hotspot. So I'd first have to login "unsecurely" in order to login "securely".

This is not to diminish the fact that this is a hole.

Now, being nearly completely security-naive, does TLS get us anywhere?

-QM
--
Quantum Mechanics: The dreams stuff is made of

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://543353]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others having a coffee break in the Monastery: (3)
As of 2024-03-29 14:52 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found