phishing

Bank of America has a smart idea they call “site key” as a defense against phishing. Logging into their site is a two-step process: you enter your username, which takes you to another page to enter your password. On this second page there is a picture that you have previously chosen from among many pictures, accompanied by a descriptive word that you typed in yourself when you chose that picture. Barring a security breach, it would be essentially impossible for a scam artist to reproduce this.

Something like this could be applied to e-mail, to help identify it as legitimately from the bank (or paypal, or ebay, or any other institution susceptible to phishing attacks). When the user sets up an account, they type in a unique, memorable phrase that is completely unrelated to their password. This phrase will then appear in all e-mail from that institution to help identify it as legitimate. I’m calling this key phrase a “mailpass.”

I can imagine a technical objection to this, and a related psychological objection. The technical objection is that with rare exception, mail is not encrypted. So the mailpass will be sent as plain text over unsecured channels, making it vulnerable to interception.

Which leads to the psychological objection. Because a phisher could intercept and use your mailpass, the mailpass would need to be viewed as a necessary proof of authenticity, but not a sufficient proof. This point could easily be lost on a lot of people, and there would need to be plenty of attendant scare-language to the effect that you cannot count on a correct mailpass to be rock-solid proof of authenticity, should always exercise due care against scammers, etc.

But mailpass would definitely make e-mail filtering a lot easier. If I were to get e-mail from paypal that lacked the mailpass, I could confidently route it to the trash without even looking at it. And I can’t think of any other reasons this would be a bad idea, though I’m sure someone out there could.