Two Factor Security

Two factor security is great on paper, but often it turns out to be a major pain in the ass for the users. You wouldn’t think that carrying a small RSA token would be much of a problem. But for some people it is. It’s funny how they always find ways to somehow cheat the system, for example using a webcam like this dude:

RSA Two Factor Security vs Webcam
screenshot of this blog

I found this on some tech blog, and my jaw just dropped. I immediately took a screenshot for posterity. This is how you take robust two factor security solution, and turn it back into one factor scheme. Now the attacker simply needs to know your password, and the URL of your webcam (and potentially the password to access the feed). This solution is completely vulnerable to a keylogger or various man in the middle attack whereas two factor RSA if used properly would not be.

It’s unfortunate, but security is really 1 part technology, and 4 parts user education. Two factor can be a nuisance, and users will likely hate it. But it is important that they understand why is it used for, and how does it work. If they do not understand it, or if IT is anal about replacing lost or broken dongles people will just start leaving them at home pointing live webcams on them.

[tags]rsa, security, rsa security, two factor, dongle, two factor security, webcam[/tags]

This entry was posted in technology and tagged . Bookmark the permalink.



2 Responses to Two Factor Security

  1. Craig Betts UNITED STATES Mozilla Firefox Solaris Terminalist says:

    O_O

    I used to administer a SecurID system for seven years. I would love smack the idiot that did that! I must remember to include this scenario the next time I write a security policy.

    It is usually some lazy idiot that causes computer security breaches . . . where’s my LART when I need it?

    Reply  |  Quote
  2. Luke UNITED STATES Mozilla Firefox Ubuntu Linux says:

    My second favorite must be when they tape a complete set of logins/passwords on the back of the dongle. :P

    The webcam thing is kinda the reverse of that.

    Reply  |  Quote

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>