Network Security: Detailed info on Re: Entrust - Identity Guard

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Web-App-Sec

[Top] [All Lists]

Re: Entrust - Identity Guard - Any experience?

from [Saqib Ali] Network Security

[Permanent Link]

Subject:	Re: Entrust - Identity Guard - Any experience?
Date:	Tue, 23 Aug 2005 08:14:32 -0700

Not really. The card is something a person carries around. Besides the
cards can be made to be difficult to photocopy. And if stolen, they
can be treated the same as a stolen token: invalidated and a new one
generated as easy as kiss my hand.


hmmm. 

how do you know when to replace/regenerate the card, if the attacker
only duplicated the card, and returned the original to your wallet???

static human-legible information can be duplicated using vaious
fotografic techniques.

I like the Entrust thingamabob. Think Pareto's Law: It gives 80
percent of the functionality of a secure token for 20 percent of the
cost. (Actually, I think it gives 96 percent of the functionality of a
secure token for 20 percent of the cost -- Pareto squared.)


This maybe true, but i would still like to see some data to support this claim.


-- 
In Peace,
Saqib Ali
http://www.xml-dev.com/blog/
Consensus is good, but informed dictatorship is better.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
RE: Entrust - Identity Guard - Any experience?, (continued) RE: Entrust - Identity Guard - Any experience?, ken kousky RE: Entrust - Identity Guard - Any experience?, Ellis, Steven RE: Entrust - Identity Guard - Any experience?, Rishi Pande RE: Entrust - Identity Guard - Any experience?, Mary Ann Burns Re: Entrust - Identity Guard - Any experience?, Saqib Ali Re: Entrust - Identity Guard - Any experience?, Ralf Durkee RE: Entrust - Identity Guard - Any experience?, Lyal Collins Re: Entrust - Identity Guard - Any experience?, Saqib Ali RE: Entrust - Identity Guard - Any experience?, ken kousky Re: Entrust - Identity Guard - Any experience?, Ned Fleming Re: Entrust - Identity Guard - Any experience?, Saqib Ali <= RE: Entrust - Identity Guard - Any experience?, Wall, Kevin

Previous by Date:	Re: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection), Serban Ghita
Next by Date:	Re: BBCode [IMG] [/IMG] Tag Vulnerability, Tony Stahler
Previous by Thread:	Re: Entrust - Identity Guard - Any experience?, Ned Fleming
Next by Thread:	RE: Entrust - Identity Guard - Any experience?, Wall, Kevin
Indexes:	[Date] [Thread] [Top] [All Lists]