Allowing less secure apps - "Goozilla" vs Mozilla

Patrick O'Callaghan pocallaghan at gmail.com
Tue Feb 10 16:51:32 UTC 2015


On Wed, 2015-02-11 at 00:07 +1030, Tim wrote:
> > but just to cherry-pick this specific point: Gmail 2FA allows you to
> > print a list of 10 authentication codes for use in case you lose your
> > phone or change the number (and of course changing the number just
> > means registering the new one when logged in).
> 
> While that's good to know, my objections to things like that aren't just
> about Google.  Other systems do some annoying authentication routines,
> and it's going to be a real pain having to deal with yet more schemes,
> each different.

Several attempts have been made to unify authentication systems (OpenAuth
being one). They all have problems. A recent one that looks very
interesting is a proposal from IBM (https://idemixdemo.mybluemix.net/).
Unfortunately it means entrusting your security to a central authority.
The trade-off is that services needing authentication only get to see
the minimum information they need to make a decision.

poc


