Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

OpenID could be more secure with alternative to single password

Gridsure : 30 November, 2009  (Technical Article)
GrIDsure CEO comments on the security of the use of OpenID solutions and proposes an alternative to the use of static passwords
Following the news that Google profiles can now be used as OpenID solutions, Stephen Howes, CEO for GrIDsure adds his thoughts to the opinion pool. The use of OpenID has some great advantages, however it still hinges on the use of traditional static passwords, which many now agree are passed their use-by-date.

"While the use of OpenID systems are a very good step in the right direction, there are a few points that need to be considered. Firstly, the idea of technologies like OpenID and Open Auth need to be explained in simple, understandable terms to the man on the street. The average person will only use a technology like this if he or she understands it and therefore trusts it. I believe many people will struggle with the concept of having a third party involved in managing their login access, so there is a need for explanation and education if it is to be a success.

"My second point is that with OpenID you are putting all your eggs in one basket, which is secured by a single password. While there are good arguments for doing this you must then be ready to guard them very well. Using static passwords as the only protection is not a particularly secure means of doing this. As with so many security technologies, you must be aware of where the weakest link is, and as Google's OpenID still uses a static password this will be the biggest area of vulnerability."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo