However, it’s probably not what you think… They’re not using PKI, or SecurID, or those cruddy images we’ve mentioned before. No, this time they are using Entrust IdentityGuard which is… one time pads? From the Dark Reading article

Users receive Bingo-like cards with thousands of passwords on them. Since their entries are determined by when they access Treasury Direct, the passwords constantly change and make it tough for hackers to crack. Another plus: It cost only 25 cents for each card, and the cards were available in Braille for the sight-impaired.

Wow, now we’re really moving into the 21st century. Another card to carry around in my wallet, which I can use for… oh, just one thing. And it’s electronic, so I can… wait, no it’s not. On second thought, why don’t we just give me a second password which I can write down on a sticky and stick in my wallet? That’s a second factor, right?

This entry was posted on Monday, March 24th, 2008 at 3:25 pm by Peter Hesse and is filed under passwords. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.