[Cryptography] Order of username and password entry

Tom Mitchell mitch at niftyegg.com
Tue Apr 6 08:24:15 EDT 2021


On Mon, Apr 5, 2021 at 5:44 PM Jerry Leichter <leichter at lrw.com> wrote:

> > One suggestion is to keep a space in the password, this would prevent it
> reaching the other end in username, you can consider a loss of 1 character
> followed by space, at worst, you will lose one char of your password.
> I'm not sure what systems do that.

Add invisible fonts and same on same background/text colors.

The drag and drop is interesting.
The initial login to the computer and lock screen requires a device
And or personal memory drag and drop copy paste is not yet an option.
Devices get lost, replaced and also fail.

Authenticator applications all but fail as a strategy when someone gets a
new phone or when it gets lost.
Nothing scales to the now hundreds of passwords people need to manage.
Company data has an access diagram of administrators, auditors and managers.
Companies terminate individuals before recovering keys who then are obliged
to destroy and forget them, Instantly (per Kafka and Heller).
Company data access tokens on employee owned devices.
Commingling of access via a single yubikey or a person has three keys on
their neck each nicely compartmented and segregated: personal, company,
family.  Which is confiscated by security?
A local company purchased latest generation iPhones for all staff because
their authenticator is only validated and supported on latest hardware and
is required “all the time”.  A +$1000 token.
Each account has an authentication access list and there are thousands of
accounts and a mix of customer, staff, auditor and external client and
contractor access needs.

So user+access_key, role+key, MAC+key many are ephemeral and also geofenced.
i.e. shift related on and off a clock, interesting with billable time.

-- 
Tinny keyboard.. Mobile ... I am