|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Fwd: Re: new opensource security system product launched]
From: arun balaji (randover
randover.com)
Date: Tue Oct 05 2004 - 13:05:25 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
attached mail follows:
all existing systems make sure that the computer has the control over
the authenication process,
let me take this a bit bit further.
lets say the user says to the website that he registers or signs up for
user:"i want you to ask me ( put your no here) questions and answers for
( put ur no here) times ."
website " ok will do "
that means that the process instead of giving it 1 or 2 data it makes it
more and more complex.
and to compensate for resetting the password i also have another
solution ( a idea ) called login less browsing.
there are 2 versions of login less browsing
1 - the software
2- the protocol or system that powers the net
for reasons best left to me
i would rather not discuss about those 2 here until i develop them
some security companies would be wracking thier brains for a solution to
resetting the password.
its so easy i wont reveal it ,
let someone find it before me and i will agree that he /she is a real
champion.
Harrison Gladden wrote:
>This is an interesting concept, but for somreason i think this would
>lower the overal security of any system implementing it, simply
>because users are stupid. They will choose something they can easily
>remember which also happens to be something anyone could figure out
>about them.???Dunno just my 2 cents...
>
>~Harrison
>
>
>On Mon, 04 Oct 2004 12:28:25 +0530, arun balaji <randoverrandover.com> wrote:
>
>
>>dear sir
>>
>>- ---
>>about me
>>- --------------
>>i am arun balaji
>>
>>i am 21 years old and i am from india.
>>- --------
>>where the idea came from
>>- --------------------
>>i and a friend( mark herbert- www.niimki.com) of mine from us developed
>>a data authentication method for use in credit card transactions as a
>>payment gateway.
>>
>>my friend didnt want any money for this authentication system.
>>
>>but i wanted to give it a full shot and i got a us provisional patent in
>>july of this year.
>>
>>now after a lot of thinking i have decided to make it open source.
>>- ---------------
>>the application- randover
>>- --------------
>>its very very simple
>>
>>normally all that a hacker needs to know about a user is 3 or 4 fields
>>of data
>>
>>1st is user id
>>2nd is password
>>
>>what i and my friend were trying to do was use a field which can be
>>universal and all pervasive..
>>
>>that led to us thinking of using all the fields in the database
>>
>>we then thought what if we can ask a random question from all the fields
>>in the database.
>>
>>this makes our system the worlds first user configurable security system
>>for use in the web.
>>
>>its very simple easy to use and develop and can be used as a standalone
>>system or along with existing applications
>>
>>see http://sourceforge.net/projects/randover/
>>and http://www.randover.com for more details
>>
>>would love to know about what you and the security community thinks of
>>my idea as a whole.
>>
>>bye
>>arun balaji
>>founder inventor and owner (randover.com)
>>
>>
>>
>>
>
>
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]