Web security

[Chris Ashdown]

I have often wondered if instead of passwords the use of electronic cards as used by nhs staff in hospitals are a safer option where they can limit the use to a single departments computers, Maybe even tighter restrictions

 

[DontAsk]

Do you mean like some banks use?

Passkeys are the new thing.

 

[martin_shl]

I have often wondered if instead of passwords the use of electronic cards as used by nhs staff in hospitals are a safer option where they can limit the use to a single departments computers, Maybe even tighter restrictions

These are just another form of 2 factor authentication. When I worked for the police we used our force ID card with a password to log onto our PC.

With web, as @DontAsk says, you can now use passkeys which identify you on that device to a remote service. I use this regularly for SSH but web is slowly gaining traction.

 

[Nathanto]

I have often wondered if instead of passwords the use of electronic cards as used by nhs staff in hospitals are a safer option

Isn't a smartphone with an Authenticator app already an "electronic card", something everyone already carries around with them and is much less likely to lose than yet another plastic card?

With web, as @DontAsk says, you can now use passkeys which identify you on that device to a remote service. I use this regularly for SSH but web is slowly gaining traction.

While passkeys are great for convenience, I do question the security side of things knowing anyone who enters a four digit pin on my PC can access numerous private sites without knowing any of my passwords.

 

[fisicx]

2FA might slow thing down a little but it’s fairly painless as is using an authenticator app.

That being said, for things like banking I tend to just use my phone with facial recognition.

 

[martin_shl]

Yes, I prefer authenticator apps. I like Authy and it works well.

 

[DontAsk]

We (on this forum) are all on-line and therefore mostly somewhat tech-savvy.

A lot of people are not.

The local school requires even the dinner ladies to have a 365 login and be able to use it and navigate it, and use an authenticator app on a smart phone. Pay slips are now only available through a portal.

It's absolutely crazy when you see how some of the staff struggle..

 

[Kerwin]

I have often wondered if instead of passwords the use of electronic cards as used by nhs staff in hospitals are a safer option where they can limit the use to a single departments computers, Maybe even tighter restrictions

Read about Yubikeys which you can buy as an individual and allow you to use them as 2FA. It basically means if you do not physically have the Yubikey you can not login at all.

 

[Paul Kelly ICHYB]

How about this, via USB?

Rohos Logon Key Free – Rohos

rohos.com

You can also get software to use RFID cards