Most readers of Bruce Schneier's popular blog on security got a sneak preview last month when he posted the essay online under the heading "The Failure of Two-Factor Authentication." It led to a strong response from those who agree the solution has limited appeal and others who argue it works well when done right.

"I agree with most of what he says, but I don't agree it's a failure. I think he's overstated his case," New Hampshire-based security consultant Ted Demopoulos of Demopoulos Associates, whose clients include Cisco, IBM and T Rowe Price, said in a phone interview. "Two-factor authentication, at most, can be part of the solution."

Schneier, who is traveling in the Middle East and unavailable for comment, believes using more than passwords helps mitigate fraud but won't prevent imposters from illegally accessing online accounts the way some vendors claim. "It solves the security problems we had ten years ago, not the security problems we have today," he wrote.

Read this full article at SearchSecurity

Write Comment
Please keep the topic of messages relevant to the subject of the article. Personal verbal attacks will be deleted. Please don't use comments to plug your web site.. Such material will be removed.
Name:
Title:
Comment:
Code:*

Powered by AkoComment!