Break-Open One-Shot Password Stores
Ian Batten
igb at batten.eu.org
Tue Feb 28 07:38:50 GMT 2012
On 27 Feb 2012, at 18:12, Paul Barnfather wrote:
> On 27 Feb 2012, at 13:32, Mark Lomas wrote:
>
>> Note that these don't protect you against an insider with access to unused envelopes.
>
> I assume that is why the PIN must also be changed on first use
That varies from bank to bank, I believe. It seems an obvious measure to guard against insider threats, but on the other hand people don't by and large set good PINs.
ian
More information about the ukcrypto
mailing list