Quote:
Originally Posted by asdrubale
full tilt says they will do it, I checked stars and it looks they have thought it a little more thorough though I still think it's not that hard for somebody who knows your info. What can stars do more than ask for an ID scan they have no means to check the authenticity of. A bank _is_ different, or at least mine is, because if you want to bypass the thing you have to personally show up with a real id etc.
I'm obviously not saying its worthless but someone who can hack your password can hack the token with maybe 30% more effort imo.
Quote:
Originally Posted by NOSUP4U
Again, you don't really have a clue what you are talking about. I hope nobody reads any of the stuff you post about RSA tokens and takes you seriously. Go do some reading first before posting irresponsible stuff like this.
Mark
Well, in fairness FTP do state that they'll disable it after a security check based on documents that you email them. I gave out about it in the original thread, and I'll probably do so again in the FTP answers thread. The obvious problem would be that these documents are probably in the sent folder of the average poker player's email account. Realistically they should have to send you out another device, or at least an authentication code.
That said, the time delay between somebody initiating the procedure and full tilt actually disabling the token would mean most attacks along this route would fail. Also, you're knocking FTP's system, not tokens. Which is good because trying to knock tokens would be silly.