Kevin's Weblog

In today’s Cryptogram, Bruce Schneier talks about The Failure of Two-Factor Authentication. In it he mentions:

These tokens have been around for at least two decades, but it's only recently that they have gotten mass-market attention. AOL is rolling them out. Some banks are issuing them to customers, and even more are talking about doing it.

Of course, for the same reason that you’re not supposed to share passwords across multiple systems, these corporations aren’t going to let you have just one RSA token that you use everywhere. So, I’m having this nightmare of a key ring full of a dozen or more tokens that I’m supposed to lug around.

I sure hope those organizations read Schneier’s essay and realize that it won’t help.

I’ve been listening to Indie 103.1 a lot lately. Partly because it’s pledge week on KPCC and partly because it’s playing the most interesting music I’ve heard on the radio in years. I’m really digging the eclecticness of it. Yesterday morning my morning drive was Elton John followed by some thrashing punk followed by what I think was Flogging Molly. On the way home, Nirvana was juxtaposed with Frank Sinatra.

I suppose that some people would find this sort of genre-bending completely intolerable, but I like it. It takes me back to those days in grad school that we spent bar hopping around LA and thought nothing of loading up a junk box with a sequence like Tom Waits, Social Distortion, Johnny Cash, Iggy Pop, Frank and Dino, and Black Sabbath.

Update, late 2007: Of course, they’re gone now.