LinkedIn password database compromised

Jimmy Hess mysidia at gmail.com
Wed Jun 6 22:34:39 CDT 2012


On 6/6/12, Aaron C. de Bruyn <aaron at heyaaron.com> wrote:
[snip]
> One local password used everywhere that can't be compromised through
> website stupidity...

One local password is an excellent idea of course.
"Remote servers directly handling user created credentials"   should be appended
to the list of the worst ideas in computer security.

Which digital id architecture should web sites implement, and what's
going to make them  all agree on one SSO system   and move from the
current state to one of the possible solutions though?  :)

        A TLS + Client-Side X.509 Certificate  for every user.
         BrowserID
         OpenID
         Active Directory Federation Services

         OASIS SAML  / STS + WS-Trust
         Shibboleth SSO
         CoSign SSO
         Facebook Connect
         Novell Access Manager
         Windows Live ID

[insert a thousand of the other  slightly more obscure Multi-website
Single-Login systems]
....

--
-JH



More information about the NANOG mailing list