Letter: Two-factor authentication is vulnerable

  • Feb 25, 2008
Regarding “Education Department in market for security tools”: The Education Department should wait for results from work being done at several research sites. Two-factor authentication is like longer encryption keys and has several vulnerabilities to access-control malware as well as template hijacking. The weakness is in the system-level architectures and application interfaces.

The bottom line: Dual-factor authentication doesn't buy us anything unless it is handled differently (i.e., entwined). It is perceived to be improved security, but I'm afraid this is another high-cost decision that will be proven wrong in a few years.

R. Ellington Smith
Network Data Security Inc.


What do you think? Paste a comment in the box below (registration required), or send your comment to [email protected] (subject line: Blog comment) and we'll post it.

Featured

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

  • Workforce
    online collaboration (elenabsl/Shutterstock.com)

    Federal employee job satisfaction climbed during pandemic

    The survey documents the rapid change to teleworking postures in government under the COVID-19 pandemic.

Stay Connected