On Tue, Apr 27, 2010 at 5:51 PM, Alan Johnson <a...@datdec.com> wrote:
> Personally, I like the open id concept. Assuming you have a secure
> provider, and a secure password/cert with them ...

So, it fails on both counts, then. HHOS.

Large-scale SSO systems scare me because if the SSO host is compromised, they've got access to *all* your stuff. It also tends to mean you've got a small number of high-value, high-profile targets.

I suppose if you run your own OpenID host, you can make most of that go away (although if your own SSO ID is ever compromised you're still humped). But that seems like rather a corner-case to me; anyone who can do that is likely okay managing other authentication mechanisms.

-- Ben

_______________________________________________
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/