[7095] in cryptography@c2.net mail archive
Re: Pass phrases, Hushmail and Ziplip
daemon@ATHENA.MIT.EDU (David Honig)
Mon May 15 13:34:10 2000
Message-Id: <3.0.6.32.20000515093204.007efbb0@pop.sprynet.com>
Date: Mon, 15 May 2000 09:32:04 -0700
To: Peter Wayner <pcw2@flyzone.com>, cryptography@c2.net
From: David Honig <honig@sprynet.com>
In-Reply-To: <p04310113b54204107b7e@[10.0.1.8]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
At 02:56 PM 5/12/00 -0400, Peter Wayner wrote:
>
>I think all crypto products rely on passphrases. Every wallet is
>locked with a passphrase. Every private key is locked away. Even the
>smart cards are usually sewn up with PINs. It's just a fact of life
>and it seems unfair to me to pick upon Hushmail.
>
>-Peter
But with a smartcard, you have to both have the thing in your
hand, and know the passphrase. With a networked service like hushmail,
your only protection is the phrase.
What you know, what you have, what your bodyparts look like.
