Letter: Two-factor authentication is vulnerable

Regarding “Education Department in market for security tools”: The Education Department should wait for results from work being done at several research sites. Two-factor authentication is like longer encryption keys and has several vulnerabilities to access-control malware as well as template hijacking. The weakness is in the system-level architectures and application interfaces.

The bottom line: Dual-factor authentication doesn't buy us anything unless it is handled differently (i.e., entwined). It is perceived to be improved security, but I'm afraid this is another high-cost decision that will be proven wrong in a few years.

R. Ellington Smith
Network Data Security Inc.


What do you think? Paste a comment in the box below (registration required), or send your comment to [email protected] (subject line: Blog comment) and we'll post it.

Featured

  • FCW Perspectives
    remote workers (elenabsl/Shutterstock.com)

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

  • Management
    shutterstock image By enzozo; photo ID: 319763930

    Where does the TMF Board go from here?

    With a $1 billion cash infusion, relaxed repayment guidelines and a surge in proposals from federal agencies, questions have been raised about whether the board overseeing the Technology Modernization Fund has been scaled to cope with its newfound popularity.

Stay Connected