Skip to Content
1-11-2010 @ 1:55PM
@ulurjah - what you described is the one weakness token-based two-factor authentication has: the man-in-the-middle attack. It's theoretically possible, but for all practical purposes can't be executed on any sort of scale to make it worthwhile for the hackers.I.e., trojans/keyloggers/phishing net them thousands of accounts a day. Attempting to MITM an authenticator would get them about 3 accounts per day, and require MUCH more effort on their part. It's just not worth it to them.Which is why token-based two-factor authentication is generally seen as one of the most secure methods in use today.
First time? A confirmation email will be sent to you after submitting.
Members enter your username and password.
Enter your AOL or AIM screenname and password.
Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.
When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.
To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.