Phishing and BGP Blackholing

Neil J. McRae neil at
Wed Jan 3 14:49:04 UTC 2007

> SecureID might be helpful if you want to differentiate your product
> between automatic and manual use, but it doesn't do anything to
> authenticate the party you are relaying information to.  But it's
> useless in a phishing context.  If you want a token solution, at least
> use something that factors in transaction-related data.

Sorry we didn't' specifically recommend any solution simply that
they need to look are more secure authentication systems to 
minimize phishing issues. As you note even the most secure systems
can be beaten.


More information about the NANOG mailing list