July 2006 - Posts - Pierre Henri Kuaté's blog

July 2006 - Posts

Throwable password/account
Here is a scenario which occurs often and which annoy me:
I go out somewhere and I need to access my mailbox. I have a couple of options:
- Use a public computer (in an Internet cafe for example)
- Use a friend's computer
In both situations, I have to type my account and password on a foreign (suspect-able) computer which could be infected by a "key-log" software (which log all keyboard strokes). If it occurs only once, I am done for :D

A nice solution to this little problem would be to be able to create "throwable passwords" that can only be used once to access the mailbox. So that when you think that your password may be intercepted, you just use a throwable password (which will be useless to the interceptor).

Now, the next step would be to be able to create sub-accounts with less permissions (like OS accounts) and/or fixed lifetime. Eg: For a three days holiday, you create an account which can only read mails complying with specified filters (cf. GMail) and which will die three days after its activation... You can also allow somebody else to access some elements of your mailbox (eg: read-only access to some professional mails for a co-worker).
The possibilities are endless; you just have to let your imagination fly ;)

Obviously, this idea can be applied to any kind of secured system and I am sure that something similar is already available in some enterprise applications. Have you heard of any?
I really hope that, some day, this idea will be implemented in most websites (there is no real technical difficulty for that).

Who will be the first? Google? Yahoo? Microsoft? Smile [:)]
(Hey, may be I should patent this idea. Stick out tongue [:P])
Share this post: email it! | bookmark it! | digg it! | reddit! | kick it! | live it!
Posted 19 July 2006 01:41 PM by Pierre Henri | 2 comment(s)
Filed under: