| Author |
Message |
Steven L Umbach
Guest
|
 Posted:
Wed Dec 22, 2004 1:26 am Post subject:
Re: Password Policy |
|
|
I concur 100 percent. If people are upset about giving out there SS# they
will never want to have there DNA used for identification. --- Steve
"Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
news:3808632392236535736208@news.microsoft.com...
| Quote: | There has been talk about using DNA for authentication to computers.
Extending the concept, though, I'm opposed to using DNA for *any* form of
authentication. I don't want my DNA in some computer system, and I don't
want it on my passport.
I haven't made up my mind yet on finger print or retina scan data on
passports, though. I can see both sides of the argument. I guess I'm
having cognitive dissonance right now... ;)
Steve Riley
steriley@microsoft.com
Yes ofcourse but still we are talking about passwords now and not
nuclear wars or stolen passport am I right??
/J
"Steven L Umbach" <n9rou@nospam-comcast.net> skrev i meddelandet
news:OLYXg4s5EHA.3368@TK2MSFTNGP10.phx.gbl...
If someone compromises your DNA, changing your password is the least
of your problems. --- Steve
"Jörgen" <jorgen_persson78@hotmail.com> wrote in message
news:%23EWcdtm5EHA.3840@tk2msftngp13.phx.gbl...
Another big drawback with biometrics is that if someone comprimises
your DNA it's pretty hard to change your password...
"Steven L Umbach" <n9rou@nospam-comcast.net> skrev i meddelandet
news:e6XGT8G5EHA.3416@TK2MSFTNGP09.phx.gbl...
I am not a big fan of biometrics anyhow after seeing the movie
Demolition Man. --- Steve
"Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
news:%23kKN50G5EHA.3756@TK2MSFTNGP14.phx.gbl...
DNA is a poor choice for use as an authenticator. Acquiring and
storing DNA samples requires people to expose certain things about
themselves that have nothing to do with authentication but would
likely be misused for discrimination -- diseases, genetic traits,
and so on.
Steve Riley
steriley@microsoft.com
"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:erdCmEG5EHA.3648@TK2MSFTNGP11.phx.gbl...
Too easy to get someone's blood with or without their cooperation
and subject to social engineering. --- Steve
"Andrew Mitchell" <amitchell@removecasey.vic.gov.au> wrote in
message news:Xns95C2F393A90DAcasey01@207.46.248.16...
"Joe Richards [MVP]" <humorexpress@hotmail.com> said
Implement smartcards or biometrics.
Yeah. DNA testing of a blood sample taken from a gaping wound in
his
neck
ought to do it ;-)
-- Andy.
|
|
|
| Back to top |
|
 |
Ulf B. Simon-Weidner [MVP
Guest
|
| Posted:
Wed Dec 22, 2004 2:29 am Post subject:
Re: Password Policy |
|
|
"Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
news:steriley@microsoft.com:
| Quote: | There has been talk about using DNA for authentication to computers.
Extending the concept, though, I'm opposed to using DNA for *any* form of
authentication. I don't want my DNA in some computer system, and I don't
want it on my passport.
|
Hash your DNA. Just store the Hash.
--
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
WebSite: http://www.windowsserverfaq.org |
|
| Back to top |
|
|
Roger Abell [MVP]
Guest
|
| Posted:
Wed Dec 22, 2004 11:44 pm Post subject:
Re: Password Policy |
|
|
What? and trust that the code doing the hash did
not actually persist the input data ?
My machine signature (charge card use) is always
a different random scribble.
--
Roger Abell
"Ulf B. Simon-Weidner [MVP]" <nospam2-ulf@usw-consulting.com> wrote in
message news:OuM0Rw55EHA.936@TK2MSFTNGP12.phx.gbl...
| Quote: | "Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
news:steriley@microsoft.com:
There has been talk about using DNA for authentication to computers.
Extending the concept, though, I'm opposed to using DNA for *any* form of
authentication. I don't want my DNA in some computer system, and I don't
want it on my passport.
Hash your DNA. Just store the Hash.
--
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
WebSite: http://www.windowsserverfaq.org |
|
|
| Back to top |
|
|
Roger Abell [MVP]
Guest
|
| Posted:
Wed Dec 22, 2004 11:46 pm Post subject:
Re: Password Policy |
|
|
"Jörgen" <jorgen_persson78@hotmail.com> wrote in message
news:OV4fcp25EHA.2600@TK2MSFTNGP09.phx.gbl...
| Quote: | Yes ofcourse but still we are talking about passwords now and not nuclear
wars or stolen passport am I right??
/J
|
Reminds me of the disclaimer in the EULAs about Java
based applications being inappropriate for control of . . .
such as nuclear facilities.
--
Roger Abell
| Quote: |
"Steven L Umbach" <n9rou@nospam-comcast.net> skrev i meddelandet
news:OLYXg4s5EHA.3368@TK2MSFTNGP10.phx.gbl...
If someone compromises your DNA, changing your password is the least of
your problems. --- Steve
"Jörgen" <jorgen_persson78@hotmail.com> wrote in message
news:%23EWcdtm5EHA.3840@tk2msftngp13.phx.gbl...
Another big drawback with biometrics is that if someone comprimises your
DNA it's pretty hard to change your password...
"Steven L Umbach" <n9rou@nospam-comcast.net> skrev i meddelandet
news:e6XGT8G5EHA.3416@TK2MSFTNGP09.phx.gbl...
I am not a big fan of biometrics anyhow after seeing the movie
Demolition Man. --- Steve
"Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
news:%23kKN50G5EHA.3756@TK2MSFTNGP14.phx.gbl...
DNA is a poor choice for use as an authenticator. Acquiring and
storing DNA samples requires people to expose certain things about
themselves that have nothing to do with authentication but would
likely be misused for discrimination -- diseases, genetic traits, and
so on.
Steve Riley
steriley@microsoft.com
"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:erdCmEG5EHA.3648@TK2MSFTNGP11.phx.gbl...
Too easy to get someone's blood with or without their cooperation and
subject to social engineering. --- Steve
"Andrew Mitchell" <amitchell@removecasey.vic.gov.au> wrote in message
news:Xns95C2F393A90DAcasey01@207.46.248.16...
"Joe Richards [MVP]" <humorexpress@hotmail.com> said
Implement smartcards or biometrics.
Yeah. DNA testing of a blood sample taken from a gaping wound in his
neck
ought to do it ;-)
--
Andy.
|
|
|
| Back to top |
|
|
Steve Riley [MSFT]
Guest
|
| Posted:
Thu Dec 23, 2004 1:20 am Post subject:
Re: Password Policy |
|
|
| Quote: | My machine signature (charge card use) is always
|
Nice... I've been conducting a similar experiment, changing the way I sign
all credit card slips. So far, there's been nary a peep from anyone.
I particularly enjoy this story: http://www.zug.com/pranks/credit/index.html
Steve Riley
steriley@microsoft.com
| Quote: | What? and trust that the code doing the hash did
not actually persist the input data ?
My machine signature (charge card use) is always
a different random scribble.
"Ulf B. Simon-Weidner [MVP]" <nospam2-ulf@usw-consulting.com> wrote in
message news:OuM0Rw55EHA.936@TK2MSFTNGP12.phx.gbl...
"Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
news:steriley@microsoft.com:
There has been talk about using DNA for authentication to computers.
Extending the concept, though, I'm opposed to using DNA for *any*
form of authentication. I don't want my DNA in some computer system,
and I don't want it on my passport.
Hash your DNA. Just store the Hash.
-- Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
WebSite: http://www.windowsserverfaq.org |
|
|
| Back to top |
|
|
Roger Abell
Guest
|
| Posted:
Fri Dec 24, 2004 1:29 pm Post subject:
Re: Password Policy |
|
|
My "scribbles" are really exactly that, like a child first
discovering crayons. So far only a couple of cashiers
have asked to actually see something - I think the rest are
just glad I did not make them use the old paper method.
--
Roger
"Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
news:5799632393112324458544@news.microsoft.com...
| Quote: | My machine signature (charge card use) is always
Nice... I've been conducting a similar experiment, changing the way I sign
all credit card slips. So far, there's been nary a peep from anyone.
I particularly enjoy this story:
http://www.zug.com/pranks/credit/index.html
Steve Riley
steriley@microsoft.com
What? and trust that the code doing the hash did
not actually persist the input data ?
My machine signature (charge card use) is always
a different random scribble.
"Ulf B. Simon-Weidner [MVP]" <nospam2-ulf@usw-consulting.com> wrote in
message news:OuM0Rw55EHA.936@TK2MSFTNGP12.phx.gbl...
"Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
news:steriley@microsoft.com:
There has been talk about using DNA for authentication to computers.
Extending the concept, though, I'm opposed to using DNA for *any*
form of authentication. I don't want my DNA in some computer system,
and I don't want it on my passport.
Hash your DNA. Just store the Hash.
-- Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
WebSite: http://www.windowsserverfaq.org
|
|
|
| Back to top |
|
|
Joe Richards [MVP]
Guest
|
| Posted:
Sat Jan 08, 2005 9:48 pm Post subject:
Re: Password Policy |
|
|
If you use many of those electronic signature pads becoming popular for credit
card purchases everyone's signature looks like a child discovering crayons. I
just bought a $1000 snowblower from home depot and the pad took my signature and
inserted a vertical line from top to bottom of the screen every 1/4 inch or so.
The lady never looked at the back of the card nor asked for ID.
joe
--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net
Roger Abell wrote:
| Quote: | My "scribbles" are really exactly that, like a child first
discovering crayons. So far only a couple of cashiers
have asked to actually see something - I think the rest are
just glad I did not make them use the old paper method.
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in