[cap-talk] Update on petname related anti-phishing work attheW3C

Karp, Alan H alan.karp at hp.com
Wed Jun 27 19:58:29 EDT 2007

Tyler Close wrote:
> Also, seeing your password in the PII bar is part of what tells you
> you're looking at the real PII bar and not a spoof. Does your password
> really need more protection from shoulder surfing than your credit
> card number gets, or other PII strings get?
I have at most a $50 liability for misuse of my credit card.  Schwab
holds me fully responsible for any use of my account accessed with my
password.  Besides, if I've got strong passwords, they were probably
generated by some tool and are meaningless to me.

Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029

More information about the cap-talk mailing list