MSN Home  |  My MSN  |  Hotmail
Sign in to Windows Live ID Web Search:   
go to MSNGroups 
Free Forum Hosting
 
Important Announcement Important Announcement
The MSN Groups service will close in February 2009. You can move your group to Multiply, MSN’s partner for online groups. Learn More
CNBC BoardContains "mature" content, but not necessarily adult.[email protected] 
  
What's New
  
  Welcome  
  Board Index  
  Message Board  
  Stock Contest  
  Contest Rules  
  Computer Tips  
  Pictures  
  Documents  
  Links  
  Webpage Links  
  Msg Board Links  
  Quote Center  
  Glossary  
  Help  
  Joke Index  
  High Dividends1  
  High Dividends2  
  Favorite Recipes  
  Daily Cartoons  
  Emoticons  
  
  
  Tools  
 
Computer Tips : To stop a thief
Choose another message board		  
     
Reply
 Message 1 of 1 in Discussion 
From: MSN NicknameArmchairConstant  (Original Message)Sent: 9/21/2004 10:29 PM

To stop a thief

To stop a thief
To stop a thief
AOL, the nation's top Internet service provider, thinks it's found the ultimate weapon against password thieves -- a password that changes every minute. And while AOL is mainly interested in protecting its own customers, it's also building the foundation of a system that could shield millions of others who do business online.

Using RSA Security technology, AOL offers a service to help shield consumers against stolen passwords

By Hiawatha Bray, Globe Staff  |  September 21, 2004

AOL, the nation's top Internet service provider, thinks it's found the ultimate weapon against password thieves -- a password that changes every minute. And while AOL is mainly interested in protecting its own customers, it's also building the foundation of a system that could shield millions of others who do business online.

AOL has teamed up with RSA Security Inc., a Boston-area computer security firm, to offer the new service, called AOL PassCode. The service, which will cost AOL subscribers at least $1.95 more a month, uses a keychain-size digital device that displays a six-digit number. To log onto AOL, the user must type this number into an AOL account, along with the standard screen name and password.

It's not enough to enter just the password or the number -- a user must type both. If an AOL user's password leaks out, a thief won't be able to use it without also typing the AOL PassCode number. And even if the thief copies the six-digit number from the device, it won't help him, because RSA has programmed it to display a new number every 60 seconds. The computer inside the device is synchronized with a computer at AOL, which recognizes each new six-digit code and won't open the account without it.

RSA has been selling this technology to corporations and government agencies for more than a decade under the brand name SecurID. "There are 12,000 companies using this today," said RSA senior vice president Scott Schnell, who estimated that about 15 million people worldwide use SecurID devices.

But AOL PassCode marks the first time the system has been offered to consumers. "It's a very small cost, at the end of the day, for a very strong corporate-level device," said Andrew Weinstein, an AOL spokesman.

Without providing exact numbers, Weinstein said that "a sizable number" of AOL customers have been victimized by criminals who manage to get their passwords.

Once inside a victim's AOL account, the criminals can get into a number of sensitive databases. Many AOL users use the service's address book to keep detailed information about themselves and others. The thieves now have unfettered access to this data, and can use it to commit identity theft. Besides, many AOL users shop on the service, and their credit card data is stored there. Once inside, thieves can order merchandise worth thousands of dollars before they're caught.

It's unclear how many of AOL's 23 million users will want to carry an extra electronic device so they can go online.

"I see this as kind of a difficult sell unless AOL offers this for free to their customers," said Sophie Louvel, research analyst for Financial Insights, a division of IDC Corp. in Framingham.

AOL's Weinstein agrees that the new service will probably have limited appeal. "We do not see the vast majority of our members using this device," he said. "There is a segment of our membership, a minority of our membership, who want and are willing to pay for an additional level of authentication on their accounts."

Weinstein estimated that "a couple of million" AOL subscribers use the service to help them manage a small business; he said these users would be the chief market for the AOL PassCode service. The additional monthly fee ranges from $1.95 to $4.95, depending on the number of AOL screen names using the service, and there is a $9.95 setup fee.

Kat Christianson, a unemployed 38-year-old single mother in Oceanside, Calif., might not seem like a prime candidate for the new service. But after taking part in a test of the PassCode service, she's happy to punch in the extra code number when visiting cybercafes in Europe, where she has relatives.

If the AOL PassCode catches on, other companies may want to emulate the system. But consumers would likely balk at having to carry several of the number-generating devices.

That may not be a problem, according to RSA's Schnell. He said that RSA and AOL both belong to the Liberty Alliance, a group of major companies that are exploring ways to let consumers use one password to sign on at hundreds of online businesses.

Microsoft Corp. has aimed at the same goal with its Passport system, but that service hasn't caught on. Schnell said the AOL PassCode system may become part of the Liberty Alliance's unified online security system, which could someday be used by millions of Internet shoppers.

"We took our time to get it right, to make sure that we as leaders could offer something that is fast and simple and that end users will love," he said.

Hiawatha Bray can be reached at [email protected]. 



First  Previous  No Replies  Next  Last