Tuesday, July 28, 2009

Reflections on Session 9

I was surprised that the class did not address thumbdrive security, RFID issues, patch management, dumpster diving, and social engineering more in their submissions.

In past years, the issues surrounded viruses, spyware, worms, and other malware. During the more recent semesters, the common postings were on wireless issues (lack of encryption), server security, laptop (data-at-rest) and thumbdrive security, social engineering, shoulder surfing, tailgating, identity theft, and dumpster diving. This reflects a broader perspective of security beyond the intrusions from the World Wide Web.

Passwords are a common issue that students bring up. Yes, I am in favor of two-factor authentication (what you know, such as a password or a PIN...plus what you have, like a token or smart card...or what you are, such as biometrics). However, particularly in our rough economic times, it takes money to pay for additional security like tokens or biometrics. Is it a worthy investment? Well, it depends...it depends on what you are trying to protect, what financial resources you have, and other factors. Of course, if you are protecting the nation's secrets or sensitive financial/personal data, the answer is yes. However, for other situations, the answer is not so clear.

Personally, I am disappointed with passwords themselves, which are long, complex, and impossible to memorize. And they say not to write them down. There MUST be a better system. Here is one answer:

http://www.youtube.com/watch?v=l0biryfzCW0&feature=player_embedded

I feel so insecure after this session, after learning from you some of the threats that are out there!