[Cryptography] [FORGED] Re: So please tell me. Why is my solution wrong?

[Peter Gutmann]

Bill Cox <waywardgeek at gmail.com> writes:

>I just read it, and I think the main idea is clever.  Show the user a secret
>picture whenever they authenticate.  This could help defend against phishing
>attacks.

Nope, it doesn't.  We have about fifteen years' worth of both research and
real-world results showing that site images don't work.  It's a great idea,
sure, it's just one that doesn't actually work in practice.

Peter.