Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

What specific controls does BioPassword implement to prevent the unauthorized capture and replay of user credentials when using the Flash Plug-in?

biopassword capture controls credentials implement Replay unauthorized user
0
Posted

What specific controls does BioPassword implement to prevent the unauthorized capture and replay of user credentials when using the Flash Plug-in?

0 CommentsAdd a Comment

1 Answer

0

The BioPassword Flash Plug-in uses two primary control mechanisms to prevent replay attacks. First, keystroke timings are encrypted with the AES algorithm. The AES key is unique per session and sent from the server. This prevents capturing keystroke timings on the client before being sent over an SSL protected connection. Thus, attackers do not have access to clear-text timings. Second, we utilize 3rd party tools to obfuscate our Flash plug-in. This is a complementary control to reduce tampering of the encryption and formatting controls within the Flash plug-in.

0 CommentsAdd a Comment
What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123