Carlos, et al -- ...and then Carlos E. R. said... % ... % AD of the time. But setup in a paranoid mode. I had to enter a password % composed from a remembered password plus a code that was read from a % little clock style device that would churn one code per minute. % Something like 6 or 8 letters, perhaps numbers. Too long ago to remember. [snip] That's the "something you know plus something you have" model. There may be other implementations, especially now that there are software tokens available, but what I have is an RSA (now part of EMC, I notice; interesting) SecurID token. It generates a new number every 30 seconds and -- most importantly -- it's in sync with a server at the office which knows what number is showing on my (and no other) token at that time. When challenged, I enter my 4- or 6-digit (depending on what that office has chosen) secret PIN and whatever 6-digit number is on the display, and I'm in. The first time I had to let in another SA using my account and had to read him the number over the phone, he was amazed and asked if I could give it to him again. I just told him that it was a one-time number and to be sure to not log out, and I didn't mention that half of it was my secret :-) HAND :-D -- David T-G See http://justpickone.org/davidtg/email/ See http://justpickone.org/davidtg/tofu.txt -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org