Two-factor security is great on paper, but it often turns out to be a major pain in the ass for users. You wouldn’t think that carrying a small RSA token would be much of a problem, but for some people it is. It’s funny how they always find ways to cheat the system, for example by using a webcam like this dude:
[Image: screenshot of this blog]
I found this on some tech blog, and my jaw just dropped. I immediately took a screenshot for posterity. This is how you take a robust two-factor security solution and turn it back into a one-factor scheme. Now the attacker simply needs to know your password and the URL of your webcam (and potentially the password to access the feed). This solution is completely vulnerable to a keylogger or various man-in-the-middle attacks, whereas two-factor RSA, if used properly, would not be.
It’s unfortunate, but security is really 1 part technology and 4 parts user education. Two-factor can be a nuisance, and users will likely hate it. But it is important that they understand what it is used for and how it works. If they do not understand it, or if IT is anal about replacing lost or broken dongles, people will just start leaving them at home with live webcams pointed at them.