XML co-inventor Tim Bray, speaking at the recent DevBeat conference in San Francisco, argued for the use of federated identity services.
"Passwords are bad," Bray says. "They are not your friends. They are not your users' friends." He characterizes password requirements such as making users use eight or more characters and a certain number of numerals and special characters in a password as "mean."
Bray says users have difficulty formulating multiple strong passwords and thus use the same login credentials across the Internet, making them all vulnerable if one is exposed in a data breach. He says it makes more sense to move toward federated identity management services, where users tie their many disparate online accounts to a single central account with large providers, which have the resources to adequately monitor for and defend against intruders.
"You're better off putting all your eggs in one basket and watching that basket very carefully," Bray says.
He also advocates for the use of new identity protocols such as OAuth and OpenID, as well as the proliferation of new authentication technologies such as biometrics.
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA