Another great idea to use mobile phone as a security measure came from myOpenID, it has launched a new service called CallVerfID at its website. The new service will integrate into your myOpenID account automatically, all you've got to do is activate the service.I'll let Rafe Needleman (Webware) to explain how it works: "When you want to authenticate a site using MyOpenID, first you sign on as usual, with your user ID and password. Then the service calls your phone at the number you've given it. All you have to do is pick up the phone and press # to confirm. If you don't, sign-on fails."
Like always, new product always has its lacking. This CallVerfID service is prone to the lost of the mobile phone you've registered with, and you can only register one phone number. Rafe also found out, that CallVerfID can't tell you which web sites that asked for verification; which is an important log feature to track back who's been trying to breach your account.
The bright side is: you'll now know, when someone is trying to hack into your account. But the bad side is: you could get plenty of calls for veryfication, if your account is very popular for hackers. ;-p
[blogged with my Treo 750v]
No comments:
Post a Comment