What do you think about this?
The users would have two different passwords to log in. But it is not the common idea of using both passwords at the same time to log in. The idea is that one password would be a normal password, and the other one would be a lower access rights password. The user would use this password to log in from places he doesn't trust (a public PC, for example). If someone keylogged his password, they can't do much harm because of the lower rights of that password.
Well, I described it better here http://www.felipc.com/2005/07/27/two-passwords-to-protect-privacy/ and added a "case study" of how this could be implemented in Gmail.
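The two-password login described above, as an added example that is not part of the original post or the linked write-up. The action names, the split of rights between the two passwords, and the PBKDF2 parameters are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Hypothetical action names; the post does not say which rights the
# second password keeps, so this split is an assumption.
FULL = frozenset({"read_mail", "send_mail", "delete_mail", "change_settings"})
# Assumption: anything that could raise privileges (such as changing either
# password) stays out of the restricted set, otherwise a keylogged
# restricted password could be used to escalate.
RESTRICTED = frozenset({"read_mail", "send_mail"})


def _hash(password: str, salt: bytes) -> bytes:
    # Salted, slow hash; the iteration count is an illustrative choice.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def register(full_pw: str, restricted_pw: str) -> dict:
    """Store one salted hash per access level for a single user."""
    if full_pw == restricted_pw:
        # Identical passwords would make the low-rights login meaningless.
        raise ValueError("the two passwords must differ")
    record = {}
    for level, pw in (("full", full_pw), ("restricted", restricted_pw)):
        salt = os.urandom(16)
        record[level] = (salt, _hash(pw, salt))
    return record


def login(record: dict, password: str):
    """Return the rights granted to this session, or None on failure."""
    matches = {}
    for level, (salt, digest) in record.items():
        # Check both hashes every time so response timing does not
        # reveal which of the two passwords was attempted.
        matches[level] = hmac.compare_digest(_hash(password, salt), digest)
    if matches["full"]:
        return FULL
    if matches["restricted"]:
        return RESTRICTED
    return None


def authorize(rights, action: str) -> bool:
    """Gate every request on the rights bound to the session at login."""
    return rights is not None and action in rights
```
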