Couple of thoughts
1) Anyone with access to your email has access to your acount as long
as they know your username
2) I would be annoyed to have to go to my email everytime I wanted to
go to my bank, usually my email arrives promptly, but sometimes,
especially at work, my email can take more than 15min to arrive at
which time I have to submit another login request
3) As you have already noted, email is terribly insecure
I would like to see a certificate system where the authentication is
based on a certificate installed on the machine. You can password
protect the certificate from unauthorized use and the authentication
system, even if used for the wrong site, cannot be used to access your
account.
On Tue, 23 Nov 2004 14:40:30 +1100, Michael Silk <michaels@phg.com.au> wrote:
Hi,
Just a quick little article about a login system that, should (i
think :)), prevent phishing attempts on your site.
http://michaelsilk.blogspot.com/2004/11/article-solution-to-phishing.htm
l
Have a look at it and let me know what you think ... and apologies
to anyone if an idea like this is already out there :)
-- Michael
**********************************************************************
This email message and accompanying data may contain information that is
confidential and/or subject to legal privilege. If you are not the intended
recipient, you are notified that any use, dissemination, distribution or
copying of this message or data is prohibited. If you have received this
email message in error, please notify us immediately and erase all copies of
this message and attachments.
This email is for your convenience only, you should not rely on any
information contained herein for contractual or legal purposes. You should
only rely on information and/or instructions in writing and on company
letterhead signed by authorised persons.
**********************************************************************
