I have been looking at neomailbox and a few other "secure" web-based
A concern I have is protection against key loggers, packet sniffers,
and other methods for stealing my password.
Neomailbox talks about something called an iKey. Below is an excerpt
from their web site.
"When you choose the option to "Store password on iKey" in SecureBat!,
this will activate a hardware implementation of the CRAM-HMAC
Challenge/Response (RFC-2095) authentication. A special non-replicable
hardware token, iKey by Rainbow Technologies, is used to store the
password and to produce Keyed Hashing."
The above paragraph sounds good, but I know very little about these
things. Are there any disadvantages to using this hardware key?
Apparently, if I understand things correctly, it generates a unique
and usable "digest" password each time I log in. This "digest"
password can only be used once. Are there any loopholes that would
allow attackers to duplicate my hardware token?
Does anyone have opinions on secure email and/or neomailbox?
Thanks for any input!