Single Factor Authentication, Continued
Partial Transmission of Passwords/PINs is a step up from the chocolate fire safe - maybe to a hard plastic one. Again, it is very vulnerable to phishing, social engineering of all sorts, and key loggers, which will get the information they want after two or three successful logins. Despite that, it is by far the most used method in online banking today. Effectively, all the data necessary to break the login will become available through attacks on the PC, and instantly available through phishing and social engineering.
Scrabble Pads are a joke! Here, the user looks for the alternative letter that is provided onscreen and enters it in the password box. Unfortunately, all the information required for reverse engineering the password or PIN is on this page. The hacker essentially "has the screen", and the letters that are entered, so where's the security? Take a closer look:
My desktop Trojan with key logger and screen scraper says "thank you very much" to this sort of thing. It offers no resistance to phishing at all, as the password or PIN is the basis of the substitution, the 'cipher key' displayed onscreen.
And Virtual Keyboards are not much better...
As above, my screen scraper can see every button click, irrespective of the 'cipher' that is passed to the server. This also offers no resistance to phishing at all, because if the user has given up the password/PIN, then the virtual keyboard is irrelevant.
Related Articles
-
CRYPTOCard adds Managed Authentication Service
- They're Out to Get You - An Introduction to Internet Security
Support Us!
If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!Don't Miss These
-
Wi-Fi 6 Performance Roundup: Five Routers Tested
Read More
We take a look at how five Wi-Fi 6 routers perform with a Wi-Fi 6 client. -
First Peek At Wi-Fi 6: ASUS RT-AX88U & NETGEAR RAX80
Read More
Updated - Our first look at the performance of NETGEAR's RAX80 and ASUS' RT-AX88U shows little benefit functioning as AC routers. -
160 MHz Wi-Fi Channels: Friend or Foe?
Read More
Updated - 160 MHz channel bandwidth is an essential feature of 802.11ax. We take a look at whether it means trouble for your 11ac network. -
Wi-Fi Roaming Secrets Revealed
Read More
Ever wonder what happens behind the scenes when Wi-Fi devices roam, or more likely don't? We'll show you why the "seamless" roaming Wi-Fi gear makers promise is still as elusive as a Yeti.
- 1
- 2
› ‹ - They're Out to Get You - An Introduction to Internet Security