[119496] in North American Network Operators' Group
Smartcard and non-password methods (was Re: Password repository)
daemon@ATHENA.MIT.EDU (Sean Donelan)
Fri Nov 20 18:43:28 2009
Date: Fri, 20 Nov 2009 18:42:37 -0500 (EST)
From: Sean Donelan <sean@donelan.com>
To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Are any network providers supporting smartcards or other non-password
based authentication methods? Passwords always end up blaming the
user for choosing/not remembering good passwords instead of blaming the
technology for choosing/not doing things so the user isn't forced to
work around its flaws.
I know about the DOD Common Access Card. One-time code-generator tokens
seem more widely used by single enterprises. But inter-operable
credentials still seem to be one of those great unsolved problems for
compter security. Are passwords still the only lowest-common-denominator?
