This NYT article talks about a study by Harvard and MIT on the sitekey feature of Bank of America and argues that sitekey might not be the right solution for phishing. Their reports are based upon the research conducted with 60 individuals. Research points that almost 58 users provided their passwords without verifying the sitekey image.
With recent positive reports from a study conducted by Javelin and funded by Visa, Wells Fargo; I was happy that users have become more cautious but this recent study on sitekey is alarming. I dont know how do a sampling the MIT/Harvard folks researched on ?
Anywayz it is a known fact that humans are the weakest link in Security and this research re-proves that point. I dont see a reason as to why MIT/Harvard would research again on a fact ??!! Do you think BOA would not have considered this fact (humans are the weakest link) while analyzing sitekey ?
No comments:
Post a Comment