Painless Security

A new version of my phishing draft is out. This draft significantly improves the discussion of the threat model based on comments I’ve received. It also I’ve tried to distinguish between two uses of passwords: passwords as a user interface element and plaintext passwords send as a protocol element. The first is a necessity if we’re going to meet users’ needs; the second must be avoided.

This entry was posted on Tuesday, November 20th, 2007 at 5:21 pm by hartmans and is filed under Phishing. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.