[CQ-Contest] L.O.T.W.
Bill Turner
dezrat1242 at ispwest.com
Thu Jul 28 15:01:48 EDT 2005
At 11:20 AM 7/28/2005, Dick Green WC1M wrote:
>The simple answer is that doing security at the ARRL end would not change or
>eliminate the registration requirements. Further, such a system would have
>to rely on password logon, which is not secure.
_________________________________________________
It isn't the registration I find annoying, it's the signing and uploading.
Wouldn't password login be secure if the ARRL issued the password with the
following conditions:
1. Passwords will be assigned by ARRL. You may not pick your own.
2. No "mother's maiden name" nonsense. You use the password you were
assigned and can not change it.
3. Passwords will be as long as needed to achieve the level of security
needed. 128 characters would be fine with me, although fewer would probably
do the job. Everyone knows how to copy and paste, or better yet, use
RoboForm to automatically fill them in. RoboForm is free for up to ten
passwords.
4. Many if not most password security problems arise from use of easily
guessed passwords. #1, 2 and 3 above will eliminate that.
5. The password will only be mailed to the address on the license, just as
it is now. No emailing. Email is easily spoofed.
I just checked my RoboForm passwords. I have 35 of them as of today, most
of which I use regularly. I have never had a problem with any of them.
I am not convinced that LoTW demands a higher level of security than what
banks use to transfer billions of dollars every day. If anyone can show me
how QSLs are more valuable or more prone to hacking than cash I will drop
the whole matter.
In the meantime, we are all losing QSLs because many hams refuse to
participate due to the complexity. LoTW should be attracting hams because
of it's ease of use and security, not turning them off because it is a
PITA. As of today, only about one ham in 200 worldwide is using LoTW.
That's way too low.
Bill, W6WRT
More information about the CQ-Contest
mailing list