Couple of thoughts
1) Anyone with access to your email has access to your acount as long
as they know your username

2) I would be annoyed to have to go to my email everytime I wanted to
go to my bank, usually my email arrives promptly, but sometimes,
especially at work, my email can take more than 15min to arrive at
which time I have to submit another login request

3) As you have already noted, email is terribly insecure

I would like to see a certificate system where the authentication is
based on a certificate installed on the machine. You can password
protect the certificate from unauthorized use and the authentication
system, even if used for the wrong site, cannot be used to access your
account.

On Tue, 23 Nov 2004 14:40:30 +1100, Michael Silk <michaels (at) phg.com (dot) au [email concealed]> wrote:
> Hi,
>
> Just a quick little article about a login system that, should (i
> think :)), prevent phishing attempts on your site.
>
> http://michaelsilk.blogspot.com/2004/11/article-solution-to-phishing.htm

> l
>
> Have a look at it and let me know what you think ... and apologies
> to anyone if an idea like this is already out there :)
>
> -- Michael
>
> **********************************************************************
> This email message and accompanying data may contain information that is confidential and/or subject to legal privilege. If you are not the intended recipient, you are notified that any use, dissemination, distribution or copying of this message or data is prohibited. If you have received this email message in error, please notify us immediately and erase all copies of this message and attachments.
>
> This email is for your convenience only, you should not rely on any information contained herein for contractual or legal purposes. You should only rely on information and/or instructions in writing and on company letterhead signed by authorised persons.
> **********************************************************************
>
>

[ reply ]