Two-factor Authentication - Ineffective and Expensive
Reports from a recent e-Crime Congress in London have "rubbished" two-factor authentication as ineffective for the user and expensive to implement.
Although the technology is touted as the next generation of user security - and has been implemented by a number of banks here in New Zealand, in addition to remote access technologies such as Citrix - the experts are not impressed.
"There are a whole bunch of things that can go wrong with two-factor authentication," explained Ross Anderson, professor of security engineering at Cambridge University's Computer Laboratory, citing the 'man-in-the-middle' attack as one example of the technologies weaknesses.
Therefore, the issue of dubious online security remains and we must hope that the experts will provide a viable alternative to the current incarnation of "next generation security" in addition to pointing out its failings.
Although the technology is touted as the next generation of user security - and has been implemented by a number of banks here in New Zealand, in addition to remote access technologies such as Citrix - the experts are not impressed.
"There are a whole bunch of things that can go wrong with two-factor authentication," explained Ross Anderson, professor of security engineering at Cambridge University's Computer Laboratory, citing the 'man-in-the-middle' attack as one example of the technologies weaknesses.
Therefore, the issue of dubious online security remains and we must hope that the experts will provide a viable alternative to the current incarnation of "next generation security" in addition to pointing out its failings.
Labels: e-Crime, security, two-factor authentication
posted by Nicholas Hadlee at
10:20 AM
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home