http://news.bbc.co.uk/hi/english/sci/tech/newsid_2006000/2006940.stm [You have to click the URL above to see the mock-up of the card, on the surface it appears to look more like the old SKey cards I used to use to log into a few networks. I'm more amazed that it caught the attention of the BBC as being a solution to the age old password problem plaguing networks today. - WK] Thursday, 30 May, 2002 A British inventor has come up with a low-tech answer to the problem of having a secure password. Martin Wren-Hilton has designed a simple card that could be issued to employees as a second line of defence against hackers. The card resembles a pre-paid top-up voucher for mobile phones and has a list of words and numbers. When a user logs on to their PC, the system recognises them as a cardholder and asks them to enter the number that corresponds to one of the words. Low-tech answer Each card is unique. But if it is mislaid, it is of no use to a potential hacker because the information only works in conjunction with a user's password. "There is a need for something beyond a simple password and this is a low-cost and low-tech solution," Mr Wren Hilton told BBC News Online. "There are lots of nerdy ideas about smart cards and other systems but generally they cost a lot of money and would only be necessary for people who need a high level of authentication for their jobs," he said. "This card could be the solution for the rest of us." Mr Wren-Hilton has filed an international patent on the idea and has already been approached by companies which offer authentication services. Experts unimpressed Marketing director for security firm RSA is not convinced it is a new idea. "It is not an uncommon way of authentication and internet banks in Germany offer a similar system," he said. "It sounds like a reasonable system for high volumes of users who need relatively low-level authentication. A lot will depend on how secure the back-end system is," he said. Research fellow at the London School of Economics Peter Sommer is not particularly impressed. "There are loads of these ideas and many aren't that well thought out," he said. "Any system that relies on a third person has problems and I can't see any great benefit to the individual with such a system." - ISN is currently hosted by Attrition.org To unsubscribe email email@example.com with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri May 31 2002 - 08:09:00 PDT