Some (most?) of us on here are in IT, whether developer or network admin or system admin, or something. Have you ever wondered why we get asked security questions now, or whether they're any use? I was surprised to find background info about this on DailyWTF, of all places:
http://thedailywtf.com/Articles/Wi@%&#Was-TwoFactor-.aspx (http://thedailywtf.com/Articles/Wi@%&#Was-TwoFactor-.aspx)
Which just reminds me that security is incredibly easy to get wrong, as it only takes one weak link to make the security chain break. "One way to do it right, ninety-nine ways to do it wrong".
180+ comments, and one of the very earliest of them nailed it:
"Just put a post-it on the monitor!! DUH!"
aka "this kind of isn't-really-2-factor authentication encourages non-techies to just do what you are trying to prevent in the first place!" lol
It's interesting to read what some banks in Europe do. For instance, sending a text message to your mobile for each transaction you want to do. As one poster said, it's much harder to spoof your mobile...
I just get Bad Request (Invalid URL) with that link
Ha it didin't like wish it was
At most it is brute force protection, but honestly how hard are most of those to guess or google?
Quote from: Lazybones on August 10, 2010, 07:26:13 PM
I just get Bad Request (Invalid URL) with that link
Ha it didin't like wish it was
Huh? Oh, blocked at work or something?
Quote from: Thorin on August 10, 2010, 08:06:03 PM
Quote from: Lazybones on August 10, 2010, 07:26:13 PM
I just get Bad Request (Invalid URL) with that link
Ha it didin't like wish it was
Huh? Oh, blocked at work or something?
No the forum swear filter replaced the characters.