Expanded Password System to Complement FIDO
2 is larger than 1 but is not necessarily stronger than 1, as two children could be overwhelmed by a grown-up.
For a two-factor authentication to be really reliable, each factor should be reasonably secure and usable enough.
On the other hand, ‘password-less’ authentication, however attractive it might sound, would only benefit bad guys as examined in the link page.
https://www.linkedin.com/pulse/removal-passwords-its-security-effect-hitoshi-kokumai/
People who offer a token as 'a factor' of two factor authentication schemes could all be viewed as our potential down-stream partners. Among them are the people who offer FIDO2-compatible solutions.
Put together, we could come up with the two-factor authentications that are much more reliable than otherwise.
.............................................................................................................
What does not exist will never be stolen
Removing what can be stolen from the picture can indeed ensure that what can be stolen will never be stolen and abused.
Removing the password from digital identity can obviously ensure that the password will never be stolen and abused. Then, exactly by the same logic, removing the cryptographic-enabled physical token can also ensure that the cryptographic-enabled physical token will never be stolen and abused.
This cartoon produced 15 years ago will hopefully help to unravel this seemingly complicated but actually simple problem.
I am very curious to know what the promoters of 'token-based password-less authentication' have to say.
What you ignore does not exist
Inconvenient reality?
Ignore it and it does not exist.
Two factors used together in a security-lowering ‘multi-entrance’ deployment and the two factors used together in a security-enhancing ‘multi-layer’ deployment have exactly the opposite security effects?
Ignore it and it does not exist. You will have the security-enhancing biometrics used with a default/fallback password in a security-lowering ‘multi-entrance’ deployment.
Being insufficient is different to being harmful?
Ignore it and it does not exist. You will see a password-removed authentication that is more secure than a password authentication. By the same logic, you will also see a token-removed authentication that is more secure than a token-based authentication.
PIN is no more than a weak form of numbers-only password?
Ignore it and it does not exist. You will have a ‘PIN-based Password-less authentication’.
Hitoshi Kokumaiの記事
ブログを見る
Today's topic is BBC's “Facebook to end use of facial recognition software” · https://www.bbc.com/n ...
I today take up this The Register report - “Client-side content scanning as an unworkable, insecure ...
There is actually a valid methodology that enable us to maximize the entropy of the secret credentia ...
この職種に興味がある方はこちら
-
ペッピーキッズクラブ イオンモール富谷教室 富谷市, 日本 パートタイム雇用形態 · アルバイト · 職種・指導形態 · 集団指導(10名以上) · グループ指導(10名以下) · 対象:幼児~高校生(高校生クラスは教室により異なる) · 1レッスン(60分)7名~12名です · 給与 · 1授業60分1,600円〜2,500円 · 上記+諸手当 · ★月9日勤務で月収11万円の例 · 1レッスン1600円×1日3レッスン×週2日×3週間+各種手当 · ★月12日勤務で月収13万円の例 · 1レッスン1600円×1日3レッスン×週4日×3週間+各種手当 · 最寄駅 · 待遇 · ◇社会保険制度あり(法令に則り適用) · ◇各 ...
-
公開範囲1.等を含む求人情報を公開する Hachinohe, 日本 パート仕事内容 · ・ホテルのレストランにて簡単な調理、片付け、接客業務を行って · いただきます。 · ・レストラン及びホテルロビーの清掃業務も行います。 · ・その他、付随する業務があります。 雇用形態 パート労働者 正社員登用の有無 なし 派遣・請負等 就業形態 派遣・請負ではない 雇用期間 雇用期間の定めあり(4ヶ月以上) 6ヶ月 契約更新の可能性 あり(原則更新) 就業場所 就業場所 事業所所在地と同じ 〒 青森県八戸市大字番町31-5 受動喫煙対策 あり(屋内禁煙) マイカ ...
-
介護施設の応援調理人
6日前
RIEI Kobe, 日本 業務委託お仕事情報 · お仕事内容 ≪調理スタッフ≫ · 介護施設の調理、厨房の運営全般や、発注・在庫管理などお任せします。 · ★一般の飲食店と違い、食数が事前にわかっています。 · 給与 日当15000円以上 · 能力により考慮致します。 · 交通費全額支給 · 制服貸与 · 車通勤可 · ◆支払い方法:月1回 · ◆交通費:全額支給 · 所在地 大阪府 大阪市中央区 本町3-5-7 御堂筋本町ビル11階 · 大阪支店の住所です。 · 勤務期間 長期(3ヶ月以上) · シフト・勤務時間 週3日以上 、 1日8時間以上 · 朝~昼 ...
コメント