LinkedIn password database compromised
Christopher Morrow
morrowc.lists at gmail.com
Thu Jun 7 17:09:48 UTC 2012
On Thu, Jun 7, 2012 at 1:03 PM, Randy Bush <randy at psg.com> wrote:
> hi etaoin,
>
>> I still don't want single sign on. Not anywhere.
>
> i believe that 'single sign on' is a bad deal and dangerous for all, not
> just we geeks. essentially it means that the 'identiry provider' owns
> your identity. i love that they call themselves 'identity providers'
> when it is MY fracking identity and they are reselling it.
so... now that this can is open, has anyone looked at:
<http://www.oneid.com/>
they seem to have some interesting options for better authentication.
> the 'single sign on' i encourage for the end using human beings i
> support is 1password and its ilk. it provides the user with one sign-on
> yet strongly encourages separation of identities and strong passwords
> for sites.
the oneid people would say: "it is still a shared secret"
-chris
More information about the NANOG
mailing list