in reply to OpenID alternatives, what do you suggest

I suggest a password and/or key wallet at the client end. Secure that by biometrics, passphrase, trusted key, or however you want to secure your own password wallet.

This solution allows you to have separate keys or passwords for separate sites. If one gets compromised, then you have partitioned the damage. The only way all of your personal site credentials get stolen is if your wallet software (or hardware) gets compromised. That package and its data are in your possession on a system you, your employees, or your contractors secure. You're not depending on some site on which you may or may not be currently active to keep your credentials for everything safe.

This solution also allows you to have a single sign-on experience at your own expense and effort without pulling in the resources of site administrators or affecting the credential storage of other people. You keep your passwords over there and I'll keep mine over here. I think that works well enough for everyone.

I'm not sure this has anything to do with Perl unless you're assuming that Perl will be the implementation language.

Re^2: OpenID alternatives, what do you suggest
by zentara (Cardinal) on Sep 23, 2008 at 18:30 UTC
    I like that. Maybe with the leaps forward they are making with miniaturization, they could have a credit-card-sized thing that stores many keys, can read your thumbprint, and has a built-in mini-keyboard for entering passwords on the card. Looks like the guy testing this Electronic Paper is trying to hide his thumbprint. :-)

    I'm not really a human, but I play one on earth Remember How Lucky You Are
      I was thinking a USB or Bluetooth connection to the hardware versions. One with its own miniature keyboard could come in handy in a pinch, though. I tend to use KWallet or something similar on my PCs already.