ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > Living Room

Now you can "Log-In with PayPal"

<< < (3/3)

barney:
On the other hand -- for years paypal has provided a super-easy-to-use, free security key hardware device which provides a serious and real extra layer of security to logging into their site.  They are way ahead of the banks in this regard and it's a genuinely excellent security enhancement.  I don't know why we haven't more use of such devices.  A single-login system that supported such hardware keys would be quite useful.
-mouser (May 14, 2013, 10:37 AM)
--- End quote ---

It's actually a pretty good idea, but there are downsides.  During my last corporate life, I was working for MCI - before Bernie Ebbers destroyed it - and a number of the senior managers had a credit-card sized device.  They'd log in to some internal Website, be prompted with a code which they then entered into the device.  They would then enter the response code from the device, and be allowed in.  The code/response had to be in a sixty (60) second time frame, or the login was voided.  Three (3) such void instances and they'd be locked out for the {day|week|month} and would be getting a call from the IT security folk.

However, battery life turned out to be a problem, as did the fragility of the device - you couldn't put it a hip wallet, so carrying it was problematic.  And, since it wasn't walletable, those senior managers would oft forget to bring it to work.  Even if they did remember, it was relatively fragile, often got broken.  But they were forbidden to leave it in their office, 'cause anyone who had access to their particular card had access to personnel and financial records that would otherwise have been unviewable.

wraith808:
I can say from personal experience, that the battery life on these things is ridiculous.  I haven't had to replace mine (for another use... but the same principle) in 2 years.  And just having access to the device doesn't give you access to the account.  It syncs up the secureid with the server, and you enter that and your password.  You have to physically co-opt the person, and get their password.  And you should still not use the same password on different sites.

cyberdiva:
Linking any login to a financial entity = bad idea IMO.
-wraith808 (May 01, 2013, 12:43 PM)
--- End quote ---
+1  :up:

Navigation

[0] Message Index

[*] Previous page

Go to full version