Security
Two-factor authentication is good, but 'hackers are responding'
R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com
ADVERTISEMENT

Hackers crack two-factor security

Technology is not the golden bullet  to stop web fraud, warn security experts

Iain Thomson, vnunet.com 04 Jul 2005
ADVERTISEMENT

IT experts warned today that, contrary to popular belief, two-factor authentication is not secure enough to curb internet banking fraud.

"Two-factor is good, but hackers are responding," Graham Cluley, senior technology consultant at Sophos, told vnunet.com.

"The latest generation of spyware not only includes key-loggers that trap passwords, but screen-grabbing software. This takes multiple images of what the user is doing and sends it straight to the hacker."

Cluley is not the only expert to warn of the danger of putting too much faith in two-factor technology, which combines conventional passwords with portable electronic tokens that generate a unique code in synchronisation with a central security server.

Bruce Schneier, chief technical officer at Counterpane, has also raised doubts about the technology's ability to cope with man-in-the-middle and pharming attacks. 

Nevertheless, the banking industry looks set to implement two-factor authentication after talks with the police and vendors

Patrick Runald, senior antivirus consultant at F-Secure, said: "Where I'm from in Sweden two-factor works very well. The banks can sell themselves on security and it reassures customers."

The warnings follow announcements from Microsoft and BT that they are planning to adopt two-factor authentication to enhance security.

The system still uses passwords, but adds a second layer of security with a physical token that synchronises with a remote server to prove the user's identity.

Security
Security
The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack.  15 Apr 2004

All Hacking

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
CMS Engineer
Welwyn Garden City, Hertfordshire, United Kingdom | Tesco.com
CMS Engineer - Welwyn Garden CityWho's behind the world's most successful online retailer? Just over 10 years ago we started Tesco.com (aka Dotcom). Today, we've an incredible 750,000 active customers and sales at just under ... more >
Become a Microsoft Certified Professional. Sign-up today to find out more.
United Kingdom | Advent Computer Training
Are you stuck in a dead end job? Do you want to take control of your salary, life and career? Advent IT and computer training offers advanced, professional training and helps you find the right ... more >
Looking for a career in IT? Expert training from Advent IT and computer training.
United Kingdom | Advent Computer Training
Are you stuck in a dead end job? Do you want to take control of your salary, life and career? Advent IT and computer training offers advanced, professional training and helps you find the right ... more >
Software Developer
Durham, United Kingdom | Durham University
Durham University Shaped by the past, creating the future Ocean-Bottom Instrumentation Consortium Software Developer £25,888 - £33,780 per annum Applications are invited for a software developer to join the Ocean-Bottom Instrumentation Consortium (http://www.obs.ac.uk/), who provide ... more >
More job opportunities

Useful links: About us . Privacy policy . Terms & conditions . Site map . Bookmark this site . Accessibility
Consumer Technology websites:
Active Home Product reviews, competitions, news
Computeractive Software reviews, hardware reviews, buyers' guides, workshops, downloads
Gizmodo the daily gadget blog: technology news and reviews
PC Magazine your personal guide to technology
PCW software product reviews, hardware product reviews, buyers' guides, competitions
WebAct!ve what's happening on the web
What PC? helping you purchase the right computer, digital camera, peripherals, gadgets and more
Blogs:
Test Bed The PCW Labs blog, PCW Inter@ctive A reader blog from PCW. Your views, your comments, your say, Windows Watch Keeping an eye on the latest XP % Vista news
Jobs & Recruitment websites:
Accountancy Age Jobs Accountant jobs, jobs in finance, audit jobs, cima jobs, acca jobs, corporate finance jobs, management accounting jobs, finance director jobs, finance recruitment agency directory, Top 50 accountancy firms, accountant salary survey
Computing Careers IT jobs, Programmer jobs, Developer jobs, IT manager jobs, Project manager jobs, SAP jobs, Oracle Jobs, Java Jobs, IT recruitment agency directory, Top IT Employers 2005
Inquirer Jobs Software Engineer Jobs, firmware developer jobs, electronics engineer jobs
Other titles in the Incisive Media network:
Business Technology websites: BusinessGreen . Computing . Computing Business . CRN . The Inquirer . vnunet.com
Business & Finance websites: Accountancy Age . Best Practice . Financial Director . Management Consultancy
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503