On Thu, Aug 29, 2002 at 01:38:47AM -0500, Matthew S. Hallacy wrote:
> as for post-it notes, there are much better ways to authenticate
> someone, my girlfriends father has to use a usb keyfob device to
> activate his workstation, you can also use devices such as retina
> scanners, fingerprint scanners, and (much more cheaply) voice print
> identification.

http://www.counterpane.com/crypto-gram-9808.html#biometrics

Bruce Schneier has some strong opinions on biometrics (among others -
what happens when someone steals your thumbprint?  It's really hard to
get issued a new one... - and don't tell me they can't.  A
cryptographer in Japan - Tsutomu Matsumoto - and his students defeated
eleven commercially available fingerprint scanners 80% of the time
using about $10 worth of household supplies - something equivalent to
gummi worms is one of the major components.  See
http://www.counterpane.com/crypto-gram-0205.html#5)

The USB keyfob is good - Bruce's opinion is that the best security is
a combination of something you have plus something you know.  I.e., a
security card plus a password is good.  For purposes of security, you
want the identifiers to be something you can cancel and reissue.

-- 
Scott Raun
sraun at fireopal.org