Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Static Password Brings Vulnerability to Orange ID Selector

Gridsure : 28 May, 2010  (Technical Article)
Productivity tool from Orange enabling cross access from one password protected site to another exacerbates the problems associated with static password protection
Orange has unveiled a new tool allowing its customers to login to websites using existing details from a variety of other websites, such as Twitter and Facebook. Stephen Howes, CEO for GrIDsure, believes that the system will be vulnerable as it still relies on a static password:

"While a universal sign-in system can be great from an end user perspective, there are a few points that need to be considered. Firstly, technologies such as Orange's ID selector and other OpenID systems need to be explained in simple, understandable terms to the average consumer as they will only use technology like this if they understand and trust it.

"Secondly, with a system like this, you are effectively putting all of your eggs in one basket, which in this case is secured by a single, static password. While there are good arguments for doing this you must then be ready to guard the eggs very well and using static passwords is not a particularly good way of doing this."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo