Is Titan the KEY to Your Security? - Comments Page 2

I would love to get this type of security. But I assume that since it is hardware with USB it is restricted to one computer at a time. I have 6 computer in my network. The kids are on two of them daily, when they are not in school, (they have their own accounts). And quite possible I use my laptop at the same time and also a wireless computer that I sued almost every day when I to watch movies. I can use any of these computer for a quick bill pay. Two of them I use regularly to update my banking activities.

First, people posting here should read Bob’s previous article on 2FA and it’s comments. Second, this idea of a physical key to plug into your device is not new. In fact, if you’re old enough you may know that the idea and implementation of a security key was around as early as in the late 1970’s (it used a serial port). Third, Bob said “The Bluetooth option is likely to be more popular because it does not require any more daily effort than attaching the key to one’s person, once a day.” Here we go again, a bastardization of a good security concept which will open the door to easy software hacking and lead to articles such as Bob’s previous article on 2FA flaws. An important aspect to personal security is personal laziness, or rather the lack of it. If you’re too lazy to plug in a key into your device, then you might as well not bother with a password on your cell phone because swiping and putting a number every time is a real pain.

My understanding is that to use 2FA, one must own a cell phone which can receive text. What does one do when he/she/they don't have a cell phone? What if a person is on a limited income (SSA)? Having txt capability costs extra. Not everyone is well-to-do like one particular female whose name appears quite frequently here.

Thanks for the article Bob. The European NFC finger rings have some attractive styles and I'd use one. Since locating my keys or wallet is often a problem here. Using a ring to unlock accounts and cell phones seems a lot less trouble.

Now if online businesses which we have no control over like Equifax would tighten their security. With their control of our credit, security should be a bigger priority than making money off our info. And financial institutions encourage online business. Instead of snail mail correspondence "to save the trees". How about renewable hemp paper to "save the trees"?

I have, for use with the local social security people, SecureID from RSA. It does not need USB or Blue Tooth. It changes a 6-figure number every 60 seconds and is used together with two different sorts of passwords, one of which is a prefix to the ever-changing number, in addition to the user ID. It is guaranteed to keep time with the generator at head office for four years. I don't know how much it costs as I don't pay the manufacturer but it seems pretty good to me. The drawback is that I suppose one may need a different one for each application one uses it for.