Sunday, June 26, 2005

Why does RSA downplay the PINpad?

Posted to Slashdot, under "How to keep track of passwords?", as "Re:SecurID":

jtshaw writes:
I carry my password on my keychain... it changes every 60 seconds. Of course... there are a few more numbers that aren't on the keychain... but remembering that is no worse than an ATM PIN.

The next step in security is the SecurID "PINpad". It looks like the credit-card form of the SecurID product, but has twelve "buttons". The display still shows a random six-digit number every sixty seconds.
Instead of typing your PIN in online, you enter it into the PINpad and then enter the newly computed combined number.

The advantage is that you never enter your PIN in the clear. The only time you ever type your PIN is once, when you first create it; from then on you just enter it into the PINpad.
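To make the difference concrete, here is an added example (not part of the original post, and not RSA's algorithm) comparing what gets typed at the login prompt with a plain fob and with a PINpad. The HMAC-based `tokencode` stand-in, the digit-wise mod-10 combining rule, and all names and sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import struct


def tokencode(seed: bytes, t: int, digits: int = 6) -> str:
    """Stand-in 60-second code (truncated HMAC-SHA256). NOT the SecurID algorithm."""
    counter = struct.pack(">Q", t // 60)
    mac = hmac.new(seed, counter, hashlib.sha256).digest()
    return str(int.from_bytes(mac[:8], "big") % 10**digits).zfill(digits)


def pinpad_combine(code: str, pin: str) -> str:
    """Assumed rule: add each PIN digit to the rightmost code digits, mod 10, no carry."""
    if not pin.isdigit() or len(pin) > len(code):
        raise ValueError("PIN must be numeric and no longer than the tokencode")
    out = list(code)
    for i, d in enumerate(reversed(pin)):
        pos = len(out) - 1 - i
        out[pos] = str((int(out[pos]) + int(d)) % 10)
    return "".join(out)


def fob_passcode(seed: bytes, pin: str, t: int) -> str:
    """Plain fob: the user types PIN followed by the displayed code (PIN in the clear)."""
    return pin + tokencode(seed, t)


def pinpad_passcode(seed: bytes, pin: str, t: int) -> str:
    """PINpad: the PIN is keyed into the card; only the combined number is typed."""
    return pinpad_combine(tokencode(seed, t), pin)


def server_verify(seed: bytes, enrolled_pin: str, submitted: str, t: int) -> bool:
    """Server knows seed and PIN, so it recomputes the combined number and compares."""
    expected = pinpad_passcode(seed, enrolled_pin, t)
    return hmac.compare_digest(expected, submitted)


if __name__ == "__main__":
    seed, pin, now = b"constructed-demo-seed", "4271", 1_119_744_000  # constructed values
    print("fob, typed online:   ", fob_passcode(seed, pin, now))     # starts with the PIN
    print("PINpad, typed online:", pinpad_passcode(seed, pin, now))  # six digits only
    print("server accepts:      ", server_verify(seed, pin, pinpad_passcode(seed, pin, now), now))
```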


