A UK-based cyberlaw blog by Lilian Edwards. Specialising in online privacy and security law, cybercrime, online intermediary law (including eBay and Google law), e-commerce, digital property, filesharing and whatever captures my eye:-) Based at The Law School of Strathclyde University . From January 2011, I will be Professor of E-Governance at Strathclyde University, and my email address will be lilian.edwards@strath.ac.uk .
Monday, January 19, 2009
Security: Two factor Authentication Spreads
One for Technollama this :-)
We all know about the physical tokens or dongles you can now get to provide two factor authentication for your online banking services. In fact Pangloss was recently surprised to discover she could now not set up a new online payee without the use of one, on her RBOS account: it arrived in the post this morning by which time she had made the payment by phone:-) Anyway.
Some World of Warcraft players are now apparently so worried at the idea of their account being haXXored (leet spelling not authenticated..) by Chinese gold farmers etc that Blizzard is selling them two factor authentication as well. Interesting..
Subscribe to:
Post Comments (Atom)
3 comments:
If these 2-fator dongles are going to become more common, and they're all the size of a key-fob (because it's handy, and you can put it on your keyring), how long will it be before it becomes impossible to carry them all around with you?
Also, how long will it be until someone breaks the RNG on the chip used in 90% of the devices?
Yes exactly. I already have one friend who resents she can't do her online banking at work cos she'd have to carry it round in her handbag.. They do seem to be becoming the equaivalent of "phew I've solved that one now".
In an ideal world, your bank or other trusted institution would open up your two-factor protected online authentication to third parties, allowing you to carry a single dongle. Is there an extension to OpenId that allows this I wonder...?
Post a Comment