Date: Tue, 18 Jun 2002 23:04:44 -0600 (CST) From: Ryan Thompson <ryan@sasknow.com> To: Eric F Crist <ecrist@adtechintegrated.com> Cc: freebsd-security@FreeBSD.ORG Subject: RE: Password security Message-ID: <20020618225214.L74293-100000@ren.sasknow.com> In-Reply-To: <000c01c2174c$5a38f230$77fe180c@armageddon>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Eric, Eric F Crist wrote to 'Ryan Thompson' and freebsd-security@FreeBSD.ORG: > Have you explored the idea of biometrics? Yes. Bad idea. I knew someone would suggest that. My original post was too long already to include biometrics, so, since you asked, here it is. :-) > It requires a piece of hardware on each computer that is going to > access the network, but the way you're making your security > requirements sound, the security benefit is worth the cost. Depending on the metric somewhat, collecting biometrics on insecure systems is a serious security risk. Hardware costs aside (about 20 terminals, a few of which are home systems not even owned by the company), it's far too easy to replay biometrics if the end system isn't secure... and, last time I checked, most of my employees had only 10 fingers each. Once those are gone, what then? Eyeballs? :-) So, on a lot of levels, biometrics are not an option. So, let's stick with password security for now. :-) > Eric F Crist > President/Sys Admin > AdTech Integrated Systems, Inc > http://www.adtechintegrated.com -- Ryan Thompson <ryan@sasknow.com> SaskNow Technologies - http://www.sasknow.com 901 1st Avenue North - Saskatoon, SK - S7K 1Y4 Tel: 306-664-3600 Fax: 306-664-3630 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020618225214.L74293-100000>