That makes no sense. If that was eBay’s concern, it would have waited until it had created — or purchased — its own hardware tokens and then simply offered the tokens to existing customers and offered those customers an incentive to switch.
To ask customers with good security to abandon it now — without offering a comparably secure alternative — is absurd. If eBay wanted to send the message that it doesn’t care about protecting its customers or its data, it picked an ideal way to do it.
Physical tokens are excellent authentication devices, coupled with other elements, since they pose considerable obstacles to long-distance attackers. Then again, if homeowners chose to store their hardware tokens on top of their Google security cameras, they may have some issues.
Sign up for Computerworld eNewsletters.