Archive for June, 2009
Was it just me, or did anyone else think “Wow, those guys should really be using two factor authentication” at the start of the book/movie?
For those of you who haven’t seen it or read the book, the opening scene begins with a guy breaking into an area that is secured by a retina scan (eye scan) system. This guy gets in by killing a doctor who has access to the system, ripping his eye out, and using it to enter the secured area. Yeah, a bit gross and extreme, but a valid lesson can be learnt here.
The ever-increasing investment in authentication technology such as reliable and accurate retina and fingerprint authentication can make IT departments forget the importance of two-factor authentication. Some places that I have worked in previously only required one form of authentication – “something you are” – such as a retina scan or a fingerprint reader. This really doesn’t cut it. For places like banks and other financial institutions, there should definitely be more consideration of these matters, especially considering how easy it is to fake a fingerprint. (A quick Google search reveals several quick guides on how this can be done easily.)
In this Dan Brown example, an additional layer of security with a 6-digit PIN code would make it much harder to get in. Even if the burglar tortured the doctor into revealing a password, for example, there would still be more time to raise the alarm after the body was discovered.
As I turned to my girlfriend in the movies, I was about to explain all of this to her. But I wisely put the geek subject aside, as I’m sure she wouldn’t appreciate me ruining another movie by pointing out a technical flaw!
