LinkedIn password database compromised

James Snow snow at teardrop.org
Thu Jun 7 08:22:40 CDT 2012


On Wed, Jun 06, 2012 at 11:14:58PM -0700, Aaron C. de Bruyn wrote:
> 
> Imaging signing up for a site by putting in your email and pasting
> your public key.

Yes! Yes! Yes!

I've been making this exact argument for about a year. It even retains
the same "email a link" reset mechanism when someone needs to reset
their key.

A common counter-argument is, "But ordinary Internet users won't
understand SSH keys." They don't need to! The idea is easily explained
via a lock-and-key metaphor that people already understand. The UI for
walking users through key creation is easily imagined.


-Snow




More information about the NANOG mailing list