March 31, 2009 9:25 am

Login with an additional security layer…

Filed under: Software Security,UX - User Experience — ramsblog @ 9:25 am

I have recently come across a security layer implementation on several websites, specially where you may have your PII (personally identifiable information) stored. I am curious to understand how it is going to help the hackers. The way the instructions were given to

image setup this information are as follows:

1. setup a user id and password
2. answer one or three questions – a way to remember and recognize you as you.
3. provide an image or a text that you know and possibly an information that you provide the website to recognize you or for you to recognize you are logging into the right site.
4. when you login the next time you would enter the username and the password (provide your credentials) and proceed further. At this time you would be prompted with the key (either text or an image) that you had picked during setup process, and you proceed further saying you recognize it.


well, unless otherwise I missed reading the instructions right, this might help for an end user to trust the site so possibly avoid phishing situation to an extent, but this may not help for a website to know if it is a genuine user logging in. Applications provides the clear text key or an image, and the user can proceed further.

Do you have any insights as whey this kind of authentication is used?


Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: