how can you verify that the site you get is not a fake?
Andy Green
andy at warmcat.com
Mon Jun 6 16:15:25 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
|>the obvious solution (at least to me...) is to get rid of the need for a
|>user to use the keyboard for entering the password....
Here's an idea... you expect the site to challenge YOU for your password
before giving you access, right? Well keep that, but register a second
password with the site when you join it, and the site has to show it to
you over https before you will believe it is the site that you
originally joined ;-)
- -Andy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFCpHadjKeDCxMJCTIRAlQXAJ9mGuy1SseSxSjD/O8QQR/bw3bXHQCfUhlv
Nk/i0593WqxkHTC4saN25Ig=
=5H6s
-----END PGP SIGNATURE-----
More information about the fedora-list
mailing list