socialmedian: New prototype could really help OpenID

User-submitted headlines for this story

Clips

Source: Moderated AppSec Feed - OWASP Foundation's shared items in Google Reader

Nov 03, 2009

Summary

I’ve sometimes been of two minds about OpenID. I’ve always seen it as alluring because of its simplicity and openness. It seemed perfect for simple web applications.

But in my darker moments, I worried about some of the system’s usability and security issues. In particular, I was concerned about how easy it would be for an “evil site” to trick users into going to a web site that looks identical to their OpenID provider, convincing them to log in, and then stealing their credentials. If this were to happen, everything that is good about OpenID would turn into something negative.

OpenID has become a key part of the Identity Metasystem

I think many of us involved with the OpenID community came to the same conclusions, but felt that if we kept trying to move adoption forward, we’d be able to figure out how to solve the problems. In the last year, OpenID has without doubt become the most widely adopted system for reusable internet identity. Adoption by destination sites continues to grow dramatically: approximately 50,000 sites as of July 1, 2009. The big Inte

...Read the full article

Comments (0)

Add Your Comment