Thread: My gmail account has been hacked - I am pretty sure it's related to the N900 somehow
View Single Post
ndi's Avatar
ndi is offline ndi
2010-06-27 , 18:23
Posts: 2,050 | Thanked: 1,425 times | Joined on Dec 2009 @ Bucharest
#28
Originally Posted by CrashandDie View Post
Rather, the value is specifically computed every time you actually ask it to do so (VeriSign doesn't implement Time counters, but others do, which is far more secure).
I have one of those, it computes a reply from the challenge request from the server and internal clock (and PIN), meaning that the password is only valid that minute (among other things). They do have the drawback of time desync. If I don't use it often enough, clocks desync and I have to call them.

Originally Posted by juise- View Post
I've been toying with the idea of writing my own OpenID provider that would require me to approve account access from my N900.
Heh, me too, but while it does provide nice security, it has the disadvantage of having no more protection from spoofing the OID provider, plus, if N900 dies no more login. More break points.

Ideally, I shouldn't keep my passwords online. But there's so many of them! Right now, I have 84 stored user/password combos, and those don't even include VPN, VNC, FTP and Tier 1 and 2.

When forums will support OpenID across the board, we'll have a lot less of these. Most don't.
__________________
N900 dead and Nokia no longer replaces them. Thanks for all the fish.

Keep the forums clean: use "Thanks" button instead of the thank you post.