+Warwagon MVC Posted July 29, 2007 MVC Share Posted July 29, 2007 just thought i'd let everyone know that I was just listening to security now and he gave a link to PayPal where you can order a crypto tokens PayPal security key for only $5 for use with PayPal and Ebay its a little dongle which displays a set of numbers, that randomly generates. When you log into your PayPal or ebay account you have to type in those numbers to be verified This is what Steve Gibson had to say about it Steve: I got the strong sense that anybody who wants to do this, can. And as I was saying, you don?t have to follow through and attach it to your account. You could just have it as this very cool SecurID dongle for $5. And so you press the button, it gives you a six-digit number. And exactly as we were talking about, every 30 seconds it will lock that number on the display. But if you press the button to turn it off and then press it again to turn it back on, and if you cross another one of these 30-second boundaries, you get a completely different six digits. Then once you add this to your account, you know, they mail it to you, it takes about 10 days, a week to 10 days. You then, basically you do it, you use it to authenticate yourself, to prove that you have logged on and you received the key. And then the way it works from then on is you simply append those six digits to your password. So it creates an always varying, never the same one twice, and a multifactor authentication because you have to actually have this in your possession. And once you?ve done that, then if you lose it or don?t have it with you or whatever, then you?ve got to jump through even more hoops to prove to them that you are who you are because they want to make sure that, again, that your account is hardened against anyone taking advantage of that. https://www.paypal.com/securitykey Link to comment Share on other sites More sharing options...
Dick Montage Posted July 29, 2007 Share Posted July 29, 2007 We use these currently to verify our VPN connection at work. I have a username, password, 4 digit pin that adds onto the end of whatever the dongle shows. It changes every 30 seconds. Link to comment Share on other sites More sharing options...
bobbba Posted July 30, 2007 Share Posted July 30, 2007 not uk though :( Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted July 31, 2007 Author MVC Share Posted July 31, 2007 nope Link to comment Share on other sites More sharing options...
Recommended Posts