solution for phishing
Monday, July 30, 2007, 22:19
Today, it is difficult for an Internet user to understand what information they are disclosing, and to whom they are disclosing that information. Many anti-phishing solutions try to improve this situation by making stolen passwords less useful, or by helping users identify legitimate sites. One method for addressing phishing is adding multi-factor authentication. Most web sites require only single-factor authentication to log in: an end user types in their user name and password to authenticate. Multi-factor authentication requires an additional factor: a one-time password (OTP) value, a digital certificate (usually through a smart card or USB token), or a biometric identifier. The idea of two-factor authentication is to combine “something you know” with “something you have.” If an attacker captures a username and password, that will not be sufficient to log in because the attacker doesn’t have the right OTP value or digital certificate. If an attacker steals a user’s OTP value or digital certificate, they will not be able to log in because they don’t know the user’s password.
Source: VeriSign