Dear Linkedin,
Hal Murray
hmurray at megapathdsl.net
Sat Jun 9 04:42:59 UTC 2012
>> Does your bank request/require that you change the PIN
>> on your ATM card every few months?
> ATM cards are not passwords, they are a coarse form of two-factor
> authentication - You have the card, you have the PIN.
> You have to possess both in order to transact - at least in in theory.
> Compare that with the secrecy surrounding the CVV - the "last three digits
> on the number on the back of the card" which you are "not meant to tell
> anyone" and which _will_ be different if your card is lost/stolen and
> reissued.
If I'm not supposed to not "tell anyone", why is it even printed where I can
read it?
----
[Context is only having so-many brain cycles to memorize passwords.]
> It's harder as we get old. Use technology to aid with the heavy lifting. :-)
Right. But the meta problem is figuring out which technology to trust.
Phishing is the tip of the iceberg on social engineering. So far, the bad
guys are winning.
--
These are my opinions. I hate spam.
More information about the NANOG
mailing list