- TalkBack 1 of 5:
- Next »
- Thread View
- Flat View
- Why not improve the login?
-
When they first create a paypal account, you could generate a page of login numbers in the browser.
A=93843
B=28474
C=92482
D=29495
E...
AA=21231
AB=23636
The user prints it out (with an opt out for people who don't have a printer).
From then on, you ask them to login with name and password, on the next screen you ask for Magic number D, AA, or whatever.
If there are more than say 3 failures to login you lock the account (I guess you do this already?).
If someone logs in with a correct name and password, but with the wrong number on the next screen (or doesn't attempt the number verification = phisher with the wrong number), you flag a warning on the account, so that the real user sees someone has tried to login but didn't get the magic number when they next log in.
So a phisher would have to convince a user to give up a magic number aswell, then they would have to be very lucky and guess to ask for the correct number that is asked for during the next real login attempt.
Not perfect (e.g. a compromised box could intercept the initial numbers page) but not bad. - Posted by: Nigel Johnstone Posted on: 01/04/05 You are currently: a Guest | Members login | Terms of Use
Why not improve the login?
Nigel Johnstone | 01/04/05
|
 
Why not improve login?
venve@... | 01/05/05
|
|
ebay mail
entropy_z | 01/04/05
|
Did you get the same ads
htotten | 01/05/05
|
|
my messages
entropy_z | 01/06/05
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
- Why Isn't Server Virtualization Saving Us More? A Few Small Changes May Dramatically Increase Your Efficiency VMware Companies have rapidly adopted server virtualization over the past few ... Download Now
- The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
Meet Doc
-
-
Here to help you with your Document Management Needs
- Check out Doc’s Blog on ZDNet
- Help your company, help the earth I want to share with you the Environmental Defense Fund Paper Calculator, which allows you to gauge your organization's environmental impact.
- Which is Greener: Paper or Digital? The Answer May Surprise You Anything we can do to reduce paper consumption is good. But what about the impact of digital waste?
-
Produced by
ZDNet and -
