tekiegreg wrote:
> Hi there, I'm currently a developer hired out to a multi-unit
> franchisee in the Fast Food industry. Currently I'm building an
> application that will be deployed to all our stores. Each store will
> be running an application that will be connecting to a central server
> here at the home office. Logins of some sort will be needed for each
> store manager, but how to login has been a problem. The main issue
> has been that the store managers have had a nasty tendency in the
> past
> to share usernames/passwords with people in the store that they
> shouldn't, compromising security. So a standard user/pass won't do
> necessarily. Our thoughts have already run as follows:
>
> 1) What about fingerprints? We've tried that, but had problems with
> them in the past with greasy smudges on people's fingers proving
> difficult for the scanners to authenticate properly.
>
>
> 2) Voice recognition? Nope, too much background noise in these stores
> (and seeing as it's fairly constant and loud, often anyone gets in!)
>
>
> 3) Video recognnition? Is it good enough yet? Reasonably priced as
> well?
>
>
> So in a nutshell, what would you be thinking about? I'll probably
> use
> Client Certificates to authenticate the computer, but granted only
> store managers are allowed in, we need to restrict to themselves
> only. Hoping for some ideas here, thanks!
>
OTP with hardware token , for instance RSA.

store manager is responsble for the token to be always on his body, like his ID or key.
like other people suggested, make the managers sign this new policy.

M