[16234] in cryptography@c2.net mail archive
Re: AOL to Sell Secure ID Tags to Fight Hackers
daemon@ATHENA.MIT.EDU (Florian Weimer)
Mon Sep 27 13:47:11 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: "R. A. Hettinga" <rah@shipwright.com>
Cc: cryptography@metzdowd.com, cypherpunks@al-qaeda.net
From: Florian Weimer <fw@deneb.enyo.de>
Date: Thu, 23 Sep 2004 23:50:19 +0200
In-Reply-To: <p06110417bd752f5cd7c3@[66.149.49.5]> (R. A. Hettinga's message
of "Mon, 20 Sep 2004 21:09:10 -0400")
* R. A. Hettinga:
> PassCode users will be provided with a small handheld six-digit numeric
> code key.
>
> To log onto an AOL account equipped with the service, users will have to
> type in the six-digits, which refresh on the device every 60 seconds, on
> top of using the regular password.
AOL appears to allow you to disable PassCode for your account, so this
is only of limited usability against phishing scams. AOL even fails
to stress that you must never enter the PassCode serial number during
the normal login process. 8-(
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
