[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Duress Passwords/PINs/Combinations

To: [email protected] (Bob Baldwin)
Subject: Re: Duress Passwords/PINs/Combinations
From: David Kovar <[email protected]>
Date: Thu, 18 Nov 1993 17:40:34 -0500 (EST)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Bob Baldwin" at Nov 18, 93 01:23:59 pm

> 	Having a separate authentication mechanism that is used
> under duress is a very good idea that some existing systems already
> employ.  I'll pass along the ones I have had contact with.  From a
> systems point of view, it is hard to figure out exactly how the system
> should respond when it recognizes a duress authentication.  There are
> competing interests as I'll explain after some examples.

The SecureID system has a duress PIN built in to it as well. Using
that PIN, you're still authenticated, but the server software knows
that you entered it under duress and does the "appropriate" thing.

-David

References:
- Duress Passwords/PINs/Combinations
  - From: [email protected] (Bob Baldwin)

Prev by Date: CryptoCards
Next by Date: Re: Guerilla Cells
Prev by thread: Duress Passwords/PINs/Combinations
Next by thread: Sorry...
Index(es):
- Date
- Thread