Tuesday, February 20, 2007

OpenID: an actually distributed identity system

Wouldn't it be nice not to have to mess with hundreds of passwords? Some sort of centralised authentication system would make things so much easier...and yes, easier for hackers...but only to a small extent.

We are very predictable animals, and the more passwords we are expected to learn/memorise, the lazier we become. We all tend toward very guessable passwords - ooh, they'll never think of my birthdate backwards! Sigh. I have written about this before. The whole concept of strong passwords is fundamentally flawed. They only slow down a good hacker and deter the lazy. Think for a moment about how the banks do a pretty good job of protecting your money at an ATM with a simple 4-digit, digits-only password (and yes, the commonest is 1234). Having a token (in this case your card) is the other essential piece. This is what is meant by 2-factor authentication. (BTW, don't let some EMR vendors try and tell you that 2 sets of passwords is 2-factor authentication...but I digress).

For a truly brilliant talk on identity, check out this presentation by Dick Hardt. It is a great lesson in effective presenting, as well as a good overview of identity stuff.
