Comments on: Companies urged to move beyond passwords

Emerging threats mean that passwords are no longer an adequate means of authentication, Gartner analysts warn.

[bobby_brady]

They've been saying this for years

Passwords will be around for a long time.

[Remo_Williams]

...and should be around.

You *might* be able to crack one of my passwords for a RAR file, if you had a week to do it and better hardware than I currently own. This is assuming you get past all of the other safeguards I employ at home.

Passwords do work, properly implemented and sufficiently complex. What doesn't work is policies that force compromises: asking me to generate new complex passwords every 90 days for over a dozen discrete systems forces me to write them down. Because I need them every day, that location has to be convenient. Paper is REAL convenient, people.

-Remo

Of course, with only one ID & Password

it sure makes it easy for someone to get into everything once they
figure out how to hack it

[207796398873175208235380528963]

For those who care about American IT and our national security

This is a MUST reading for those who care about the future of American IT and our national security (see the link): http://www.alexanderbell.us/Initiative/IT.htm

[fred dunn]

Who can Afford Two Factor and Infrastructure?

We have been tangling with different vendors for two factor authentication for ~10,000 users. But with the costs for the simplist solution costing us a minimum of $250,000 to $500,000 how can we afford it. Although we realize the implications and limitions of password authentication we are also realists.
Beyond the fiscal costs are the training, helpdesk, and ongoing maintenance costs.

Bottom line: Until smartcard token vendors can get their products to an affordable level as to afford the other costs involved it is almost an impossible sell to administration.

Fred Dunn

How Companies urged to move beyond passwords

How Companies urged to move beyond passwords

Mr. A.T. Alishtari, POA and Founder EDI Secure LLLP, says passwords are passe' if you consider that they can be phished, hacked, trojan horsed, pharmed, robot takeover or any number of possibilities beyond the mind's imagination.

Still keeping the swipe offline is the best way to protect consumers using the single use credit card number patent that this Company owns for the US only. Some things are easier than others.

[Abdul Tawala Ibn Ali Ali]

To update Mr. Alishtari's comment please note this now...

In January 2006, EDI Secure LLLP was purchased by IDPixie LLC. IDPixie LLC now owns the patent US 6,598,031 B1 granted on July 22, 2003 for APPARATUS AND METHOD FOR ROUTING ENCRYPTED TRANSACTION CARD IDENTIFYING DATA THROUGH A PUBLIC TELEPHONE NETWORK from inventor Jeffrey Ice. This update this patent's place in the marketplace, I add the above and below data.

My Pledge

I, Mr. Abdul Tawala Ibn Ali Alishtari, pledge my Foundation to halt child slavery activities including his Global Peace Film Festival, Inc., at www.peacefilmfest.org. I pledge moral support of legal, peaceful activities and my non-profit gifts offshore, onshore and globally, primarily with philantrophy from my personal investment to help halt all fraud, violence and scams hurting innocent children, women and families so help me God.