Sunday, October 14, 2007

More on Kabay and Password Management

As part of his ongoing series on passwords, Prof. Mich Kabay mentions a novel authentication product in his latest Security Strategies newsletter.

The product, Passfaces, lets a user pick out a familiar face for authentication. Passfaces reminds me of something a few years back called PassMark. Users could pick out a photo -- it didn't have to be a face -- when they registered with a web site. This photo would be their "PassMark", and if it appeared on subsequent logins, the site was certified as not being a phish.

PassMark was eventually bought by RSA in 2006 and merged into their authentication product line.

There were clever ways PassMark could be phished. I'm wondering if the same is true of Passfaces.

It's still an interesting concept, nonetheless.