“If you only buy X,” the sales pitch goes, “then you will be secure.”Many times we have customers who are considering going with certificates or smart cards rather than one-time passwords (OTP) as their means of two-factor authentication. Bruce does a great job of throwing light on some of the PKI/smart card "myths". Especially true is that for any security system there are people involved:
But reality is never that simple, and that is especially true with PKI.
Security is a chain; it’s only as strong as the weakest link. The security of any CA-based system is based on many links and they’re not all cryptographic. People are involved.So if you are interested in strong authentication take a look at this article. It's worth your time.
Technorati Tags:
security, two-factor authentication, QSFT, Quest Software, PKI