[AusNOG] Authentication Tokens
Nathan Gardiner
ngardiner at gmail.com
Thu Jun 18 08:56:25 EST 2009
I doubt it matters, you may have the token/key and an awareness of which company it belongs to, but do you know the userid, the password, the vpn endpoint, and possibly any other authentication factors such as local machine-level passwords or user PINs for the key/token?
Cheers
Nathan
-----Original Message-----
From: Aaron Weller // Crucial Paradigm <aaron at crucialp.com>
Sent: Thursday, June 18, 2009 7:22 AM
To: ausnog at ausnog.net
Subject: Re: [AusNOG] Authentication Tokens
I would have thought the same thing, but I was surprised to find out
when our bank sent us one of these tokens it was branded by them! I
think it defeats half the purpose of having one!
Regards,
Aaron
Tony wrote:
> --- On Wed, 17/6/09, Daniel O'Connor <doconnor at gsoft.com.au> wrote:
>
>
>> I've seen these..
>> http://www.yubico.com/products/yubikey/
>>
>>
>
> >From that website:
>
> "Brandable - Your company's distinctive YubiKey can be branded with your corporate profile or logo."
>
> Is it just me, or is that a bit in the opposite direction that you should be taking for secure tokens ? Surely advertising the corporate network that the token could be used to break into if stolen isn't the best idea...
>
>
> regards,
> Tony.
>
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
More information about the AusNOG
mailing list