"Jørgen P. Tjernø"
jorgen at devsoft.no
Sun Aug 5 16:24:22 CEST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Shakthi Kannan wrote:
> This is w.r.t. having a login manager for OpenMoko.
> [ .. snip .. ]
> I read this page:
This idea seems to be a bit too much "work" for the average Joe, but I
guess that depends on the implementation. It also seems overly complex.
(Perhaps I'm not understanding it properly)
> I put together few points on the login manager:
I really like this idea, and it seems like it's almost fully
transparent! I guess the phone has a way of uniquely identifying the SIM
without the PIN being correct? If so, you could just ignore any user
password (and just authenticate using PIN) if the SIM is the
"first-boot" SIM (but set the user-password to PIN whenever the user
logs in with the "first-boot" SIM - so that you can use your PIN
whenever you boot the phone without SIM). That way, you don't need a
"forgotten password"-mechanism, you just use PIN & PUK - which are
pre-defined mechanisms for SIMs. (To make it even simpler in use)
Just my two cent. As I mentioned, I think this idea is an awesome (and
simple) security-mechanism. :-)
Kindest regards, Jørgen P. Tjernø.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the community