Didn't really explain the link between the inkblot service and the OpenID SSO solution in my previous post. The real benefit is linking it with Web-based single sign-on (SSO). You create one really strong password using the inkblots and use it to log into an OpenID provider. The OpenID provider then validates your authentication to any OpenID-compliant site on the Web where you have a password-protected account. That means you don' t have to create a password for each Web site you visit because the Web site trusts the OpenID provider to do that authentication. So the benefit is you don't have all those passwords for different sites. You don't have to do the "remember password" thing and then have the password in clear text stored in your in-box folder. Of course, the one password system requires the user have a strong password and this is where the inkblot method comes in handy. It is a single point of failure. If someone cracks that password they can get into all your accounts. For this combination of technologies to fly , OpenID has to become more widely accepted. It is picking up steam, Microsoft supports it in CardSpace, and version 2.0 of Open ID was just released and together with a productified inkblot service, it has the potential to be a both secure and userfriendly service.
© Copyright 2007, Tomas Elfving
0 kommentarer:
Post a Comment