Quote:
Originally Posted by cheet
I don't play on stars so I had no idea how that "recovery system" worked, but this makes a lot more sense than them sending you RSA keys.
When you get the RSA token from Stars, after you enter its serial no. displayed on the backs of RSA token you are required to choose a 4 digit pin. When logging into Stars you have to enter your password + 4digit pin + RSA code.
Hypothetically even if your "friend" steals the RSA token and he knows your password, he still needs the 4 digit pin to gain access to your account.
On the other hand, based on the info from this thread, if you can disable the FT token by email, if a hacker gains access to your email and disable the token, he can also gain access to the FT account.