AOL Increases Security… But It Will Cost You
from the are-you-paranoid-and-have-a-lot-of-cash? dept
While it’s good to see a company like AOL offering a two-factor authentication option for logging in, it might not set the greatest precedent that they’re charging an extra $2/month for the service. There’s also a $10 upfront fee, which could pay for the device from RSA that gives the user the random set of digits they need to log in (plenty of companies use these gadgets already). This raises the question: should better security be a premium option? Obviously, setting up such a system and maintaining it is a bit more costly, but what kind of message is being sent, when to be really secure in using a service you have to pay extra? Doesn’t it just give the company more incentive to be weak on security for regular users to help upsell them to the premium option?
Comments on “AOL Increases Security… But It Will Cost You”
No Subject Given
Price is probably cheap for a little piece of mind it may give folks. The cost of the hardware is probably negligible but the cost to set up the infrastructure and I have to assume the number of support calls is going to go up as well. So like the cable company, why not offer a menu of options for those folks who want it. There are a number of people who still opt not to do anything financial or personally sensitive on line so they would not need this. The person who’s worried about compromise may want to add the two dollar trinket to feel a little better.
Course you realize that if a person buys into this and somehow has their information compromised, they are going to sue the hell out of the ISP … and probably win.
deep sigh.
One question not answered; WHY?
I’ve been doing a lot of work with strong authentication in a company with tens of thousands of employees; after several failed pilot projects, the
RSA SecurID tokens was the only solution that “stuck”, that the users were willing to put up with.
But we use two-factor authentication to protect the “crown jewels”, financial data and production-critical systems, stuff that would lead to multi-million dollar writeoffs if compromised.
I’m not entirely clear on what AOL is protecting here?
This seems like a heck of a lot of time and effort just to cut back on their “phishing” problems.
What?!
Aol already charges the people too much for dial-up internet access, now they are charging an extra 2 a month for security that we should already have?