[funsec] The end of Phishing in sight?

Florian Weimer fw at deneb.enyo.de
Mon Oct 17 15:46:39 CDT 2005


> Federal regulators will require banks to strengthen security for
> Internet customers through authentication that goes beyond mere user
> names and passwords, which have become too easy for criminals to
> exploit.
>
> Bank Web sites are expected to adopt some form of "two-factor"
> authentication by the end of 2006, regulators with the Federal
> Financial Institutions Examination Council said in a letter to banks
> last week.

In Germany, we have both: two-factor authentication and phishing.
This should tell you something about the effectiveness of two-factor
authentication. *sigh*

To me, this looks like a subsidy for certain parts of the security
industry, and not a step to protect consumers.  Otherwise, there
wouldn't be something which is close to a technology mandate.

(Yeah, I know, I'm probably driving on the wrong side of the road,
given the long list of famous names who disagrees with me.  But
still...)


More information about the funsec mailing list