| |||||||||||||
Two-factor authenticationTwo-factor authenticationPosted Sep 1, 2011 16:37 UTC (Thu) by endecotp (guest, #36428)In reply to: Two-factor authentication by Cato Parent article: kernel.org compromised
> Something like Yubikey is not expensive ($25 a key)
$25 * 448 = $11,200
(Log in to post comments)
Two-factor authentication Posted Sep 1, 2011 17:31 UTC (Thu) by rgmoore (✭ supporter ✭, #75) [Link] Now compare that $11,200 to the cleanup cost of having kernel.org hacked. Plus the opportunity cost of having the system down while you respond. And the reputational cost of having such a major system compromised. Good security only looks expensive until it's compared to the cost of insecurity.
Two-factor authentication Posted Sep 1, 2011 17:32 UTC (Thu) by jonabbey (subscriber, #2736) [Link]
And cheap at the price.
Two-factor authentication Posted Sep 1, 2011 21:51 UTC (Thu) by Cato (subscriber, #7643) [Link]
The cost would be a good motivation to have far fewer SSH logins on kernel.org. Non-SSH services wouldn't really need 2-factor authentication, as the risk of privilege escalation is much lower.
Two-factor authentication Posted Sep 2, 2011 6:51 UTC (Fri) by job (guest, #670) [Link]
There are volume rebates, list price in their online shop is $6750 USD for 450. Put it in perspective, what are the costs of hosting and administering the machines? If that is still to steep I might be a good idea to contact them, I believe there are some free software enthusiasts associated with the company.
|
|||||||||||||