Coffeehouse Post

Single Post Permalink

View Thread: Safe password storage and retrieval
  • User profile image

    I guess the title should have been qualified with "Relatively" - as nothing is of course absolutely secure. That a "physical attack" can always bypass such measures (should) go without saying.

    The idea is thought to be better than just writing down passwords directly on paper - preventing easy access to passwords if the card was to be stolen.

    The precise biometric used need not be perfect, it just needs to be hard to mimic on the given card, for any suitable definition of hard - your mileage may vary.

    As always, the trust placed into a system should be weighed against the risks. Since critical services like banking are often secured by two-factor authentication those services aren't of interest here.

    The idea is really more about having slightly better security for day-to-day services like e-mail accounts, social networking sites, etc. You could say the proposal is too complex to merrit its existence and that may be true. I prefer low-tech whenever possible but would use such a gadget if it existed and had a reasonable price tag.