two factor authentication
Frank Cusack
fcusack at fcusack.com
Wed Jul 26 16:04:33 EST 2006
On July 26, 2006 8:32:59 AM +0300 Alon Bar-Lev <alon.barlev at gmail.com> wrote:
> Frank Cusack wrote:
>> On July 25, 2006 8:17:06 AM +0300 Alon Bar-Lev <alon.barlev at gmail.com>
>> wrote:
>>> You can also consider biometric enabled smartcards, and have 3 factors.
>>> But biometric is the worse from user perspective.
>>
>> Why is that?
>>
>> -frank
>>
>
> Since my testings showed that the low cost readers used in smartcard readers
> are too weak... The user usually should try an average 2 times to login... And there
> are 15% of people that cannot use these readers at all, since there biometric
> produces too much or too few heat.
>
> I also think that a computer software that sits between the reader and the driver
> can transmit a finger print without it being read from the reader...
>
> I know there is a new reader that update the APDU sent to the card with the fingerprint...
> When this will be available and the reader will be improved I think it would be nice.
Or my company's cards, www.tri-dsystems.com, where the reader is on the card.
enroll-on-card, match-on-card. It can be used 2-factor (no pin) or 3-factor.
(Well, it will soon. Today it only works as an OTP token.)
The reader is a mechanical device, heat doesn't matter. However folks with
very slight fingerprints will have a problem.
-frank
More information about the openssh-unix-dev
mailing list