Welcome to the Monastery | |
PerlMonks |
Re: Public Access Terminals and Account Integrity.by QM (Parson) |
on Apr 14, 2006 at 14:36 UTC ( [id://543353]=note: print w/replies, xml ) | Need Help?? |
Just to pick on this idea a bit...
Provide the option for all monks to generate a relatively small list of disposable passwords (similar to a one-time pad). The monk in question would retain this list and use each password in sequential order only when logging in from a machine in a public setting. Once he/she logs out, the password that was used is invalidated thereby rendering a sniffer/keyboard logger completely ineffective.As often as not, I don't know ahead of time that I'll be logging in from a PAT or hotspot. So I'd first have to login "unsecurely" in order to login "securely". This is not to diminish the fact that this is a hole. Now, being nearly completely security-naive, does TLS get us anywhere? -QM
In Section
Perl Monks Discussion
|
|