preview.tinyurl.com/ytr6zn -> consumerist.com/consumer/paypal-security-key/original-video-paypal-security-key-first-look-240770.php
What it looks like, how it works, how to get it, and whether it's worthwhile. The thing with account security is it's not the first thing that gets ya, it's like AIDS, it's all the other assholes the first asshole sells your account to that really rapes ya.
I wish credit card companies would adopt a system like this and bundle it with credit cards. That way you would need the physical card with the unique ID to use it online.
meghannmarco: I always knew there was something creepy about Ben and now we know: Ben has John Stamos tied up in his apartment. On topic: Now, if only Paypal would start treating their custoemrs right....
B says: Credit cards and other financial institutions are required by law to have what they call "dual factor" authentication for online access. What it means is in order to access your account you need to provide your username/password and information that's only available on some physical thing, like your atm/credit card. For situations where there is no card, they'll require a security key like this one.
The fact is that there are so may Phishing emails, being used. If you get tricked into giving up your PayPal/eBay login information your screwed. With this, if they do not have that Key number, they are not getting in. If you do happen to give that key number they will have less than 30 seconds to use that number or the information is useless. This will also make it more difficult for phishers to generate an authentic login page.
mefirst says: Ben-- Have you ever had a friend die from AIDs? If your'e going to enter scary territory while attempting to be funny, you should do it with appropriate levity for your surroundings--and I think a $5 piece of plastic to let you sit at home and click buttons for payment on other plastic objects is not worth the attempt at humor. What I'm saying is -- I doubt you'd yell nigger fuck faggot in a crowded theater. Besides, the comment fell flat--all it points out is you're angry about your sexual partners--why are *they* assholes? unless you're also being jovial about rape, in which case I guess any point in reasoning is about pointless. I wish I felt so much indignation about my shiny objects, must be nice up there.
dalasv says: I guess I really don't understand how anyone could get taken in a phishing scam. I mean why not just always log in at the actual paypal homepage? Every email you get from "paypal" asking you to log in is always a phishing email, so you can pretty much just ignore them all. Of course, I'm on a Mac, so maybe there are some PC Malware tricks that I am unaware of. And yeah, everyone saying paypal should give these away is right.
Still, a lot of less savvy users can and do get taken in by those e-mails. I do see a day when the two-factor identification via token will get out of hand, but for now I really love my PayPal key. nweaver, I'm not sure that "PUBLIC key cryptography" means what you think it means.
I used AIDS based on its mechanics: an attack that weakens your immune system, allowing for other diseases to infect. AIDS victims don't die from AIDS, they die from pneumonia, and the like. I could've said, "it's like an immuno-defficiency virus," but I think the point might've been lost...
But if every site wanted to use this idea you'd need a huge keychain to keep everything sorted out. I'm glad to see you're intrested in your customer's best security intrest. Unfortunately this implementation as it currently exists will not work as more vendors attempt the same approach. Overall we need a new version that supports two-factor keys across multiple financial (or otherwise) sources on one portable device.
To leave a comment, please login with a username and password. Username: Password: Confirm password: E-mail: (optional, for password recovery) Remember me on this computer?
We only allow in a commenter if the debut contribution is interesting, substantial or highly amusing. Your comment will only appear once (or if) you're added to the membership list. Check your username and password above, and click submit again.
|