Unfortunately.. since the site is based in india, and 90% users are indians i cannot use callverifID too..
Warm Regards Balasubramanian Doug Larson - "Instead of giving a politician the keys to the city, it might be better to change the locks." On Tue, Feb 10, 2009 at 12:35 AM, kevin lochner <[email protected]> wrote: > On my openid account i've enabled phone authentication (CallVerifID), so > any time I log in I get a phone call (press "#" to login). Seems pretty > bomber to me, maybe you could recommend your users do the same. > > > > On Feb 9, 2009, at 2:02 PM, Balasubramanian G wrote: > > Dear all, >> >> I recently started working upon making my site openid enabled. when i was >> having a talk with my friend abt this, he pointed a series of articles in >> the internet which describe the vulnerabilities in using openid. Though my >> site does not deal with any sensitive data, i just want to make sure that >> its safe to the users if not 100%, atleast to the max extent. >> >> So, pls advise me on how secure is openid and wht safety measures should i >> implement in order to make it more safe as i am answerable to the users of >> my site if they raise the question of security.. Reply ASAP >> >> Warm Regards >> Balasubramanian >> _______________________________________________ >> security mailing list >> [email protected] >> http://openid.net/mailman/listinfo/security >> > >
_______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security
