Report Offensive Message
I'd have to agree with this part as well:
"Keyloggers and social engineering are not reasons to avoid using passwords".
Also, I think behavioral systems are better suited to the corporate environment than the common home user. Yes, phishing is a problem in both worlds, but a behavior system would probably be more effective in the corporate environment, as Dominic states, since employees can have specific roles. But, even then its only as effective if they in fact, stick to those roles; the general user (as in the example of the credit card user) tends to change their behavior more often than not, regardless of what research the card companies state; I tend to think their research is dated too. Empoyees can very well change their behavior as well, even unintentionally. It may be worth it to utilize both models, (password systems and behavioral systems) and not just do away with password systems?
Bah....What do I know....
Also, I think behavioral systems are better suited to the corporate environment than the common home user. Yes, phishing is a problem in both worlds, but a behavior system would probably be more effective in the corporate environment, as Dominic states, since employees can have specific roles. But, even then its only as effective if they in fact, stick to those roles; the general user (as in the example of the credit card user) tends to change their behavior more often than not, regardless of what research the card companies state; I tend to think their research is dated too. Empoyees can very well change their behavior as well, even unintentionally. It may be worth it to utilize both models, (password systems and behavioral systems) and not just do away with password systems?
Bah....What do I know....
Posted by SkyNET32
22nd Mar 2012
