There are isolated attempts to solve the server authentication
problem in alternative ways. For example, one proposed solution
lets the user choose a specific image at registration time;
during subsequent logons, that image is shown after the user
types in his username but before he types the password. In this
way, the user will know that the website is actually the one with
which he performed the original registration, because any impostor
would not know which image was selected at signup
time. This is a very clever solution, but it is only one among the
many possible. There are no guarantees that others will adopt it, too,
and in fact businesses in which trust has to be established from
the very first contact would not find the scheme advantageous,
because it works on the assumption that the registration phase is
safe. Such businesses will come up with their own clever solutions,
and user proficiency will be strained beyond its limits
in the attempt to master all those clever but diverse systems. For
the third time in the current section, we encounter a problem
that cries for a global answer instead of being solvable by the
emergence of an approach over the set of all individual initiatives.

Countermeasures can be locally effective, but ultimately they have to
compete for the proficiency of the user among a sea of equivalent
offers that impose different procedures.

84 The Problem