473,396 Members | 1,892 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp / active server pages > questions > 3-factor login system

Join Bytes to post your question to a community of 473,396 software developers and data experts.

3-factor login system

Boss is concerned with security, and wants to implement a 3 - factor login
system (username, password, and PIN). I'm not finding any canned products...
does anybody have any suggestions?
Oct 4 '06 #1
5 1551


"Ted Boyd" <sc********@hotmail.comwrote in message
news:%2****************@TK2MSFTNGP06.phx.gbl...
Boss is concerned with security, and wants to implement a 3 - factor login
system (username, password, and PIN). I'm not finding any canned
products... does anybody have any suggestions?
Write one? All you are doing is adding an extra field in your db and
validating against it in the same way as if it was just username/pwd. How
hard can that be?

IMO, however, the more things that users have to remember, the more likely
they are to write them down and stick them to their monitor on a post-it
note....

--
Mike Brind
Oct 4 '06 #2
On Wed, 04 Oct 2006 09:14:09 -0500, Ted Boyd <sc********@hotmail.com>
wrote:
Boss is concerned with security, and wants to implement a 3 - factor
login system (username, password, and PIN). I'm not finding any canned
products... does anybody have any suggestions?
A PIN actually isn't three-factor security, it's just a second password.
Something physical like an RSA SecureID token or a sheet of one-time
passwords mailed to the visitor would be three-factor security.

--
Justin Piper
Bizco Technologies
http://www.bizco.com/
Oct 4 '06 #3
"Ted Boyd" <sc********@hotmail.comwrote in message
news:#I**************@TK2MSFTNGP06.phx.gbl...
Boss is concerned with security, and wants to implement a 3 - factor login
system (username, password, and PIN). I'm not finding any canned
products...
does anybody have any suggestions?
Someone doesn't understand three-factor security -- is it your boss or you?

One, two, three factor security?
http://insight.zdnet.co.uk/internet/...2120474,00.htm

"One factor security is by far the most common -- if you know your
username and password, you're in. "

"Two factor security relies on something you alone have and something
you alone know."

"Three factor security typically uses fingerprint, retina, iris, voice or
face recognition. "
Oct 4 '06 #4
Someone doesn't understand three-factor security -- is it your boss or
you?

It looks like it's both of us. Thanks for the education.
Ted
Oct 4 '06 #5
Ted Boyd wrote:
Someone doesn't understand three-factor security...
HIstorically, the distinction between the three "factors" of
authentication -- the three ways in which a remote computer can
validate an online authentication call as legit, and then link that
call to a set of privileges earlier granted to a pre-registered user --
has been on the basis of the potential avenues of attacks, the ways in
which an adversary could corrupt the access control system.

The traditional three -- soemthing you know; something you physically
hold; and something you are (biometrically) -- are distinct because
they are thought to require three separate and distinct attacks in
order to subvert a three-factor defense.

(I sometimes wonder we might eventually see a come-back of what, in the
1970s and earlier, was considered the fourth factor: location. When a
command console could be hardwired into a mainframe, it could be given
privileges that were not permitted on other remote terminals. Imagine
the advantages -- in this era of malware and targeted trojans -- if
only you, at your keyboard, could get privileged access to, say, a
window in which you could safely input authentication data, which would
be then passed to a specific application by some trusted path.)

Surete,
_Vin

Oct 4 '06 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
login system using linux users
by: Geiregat Jonas | last post by:
I'm running a linux system I would like to create a login system based upon the users and passwd of my linux box how could I do this ?
PHP
18
Yahoo! and Login system
by: R. Rajesh Jeba Anbiah | last post by:
This is regarding secure login implementation in PHP. I'm trying to understand <http://mail.yahoo.com/> If I understand right, they're passing the md5 hash instead of the password itself. But, I...
PHP
6
[FAQ] How to implement a login system?
by: R. Rajesh Jeba Anbiah | last post by:
Q: How to implement a login system? A: Use sessions. When the user logins, store the session id in the database and then compare the current session id with the one stored in the database on every...
PHP
0
How to control user account can't login system twice at the same time in Web base system??
by: Lawrance | last post by:
DearAll: I want to control account login system once at the same time. Can I use session or application to solve this situation, even user close browser or computer crash? Best Regards,...
ASP.NET
2
User login system
by: sophie_newbie | last post by:
Can anyone recommend an open source user login system already written in Python that I could use with my site? Simplicity is the most important factor, but the ability to track users using...
Python
8
secure login system
by: frizzle | last post by:
Hi group, I need a login system for some 'private' pages. Users should be pulled from a mysql DB. Now, i've read a lot on login systems, and somehow there's _always_ the discussion with...
PHP
1
blyxx86
Questions about Login system
by: blyxx86 | last post by:
Is setting up a username/password system very difficult? What is the code, like Environ(), but specific for the username used to log into the database? We are going to be using my database at...
Microsoft Access / VBA
13
Help me with Login System
by: Apostle | last post by:
Hi all, after thinking for sometimes, I thought it will be great opportunity to learn if I will start from scratch and build my own register/login system. Here is the thread that I will be posting...
PHP
1
Login system for ms access
by: Emmanuel Ayivi | last post by:
I have created a login system for my access 2007 database with the VBA code below. I would like to add as much as many users name and password to the table that stores the user name and password...
Microsoft Access / VBA
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!