Conversation
Notices
-
@habi @evan I prefer to log in with distinct accounts; logging in with another account seems dreadfully insecure
-
Why's that?
-
@laurelrusswurm I think it is more secure than having accounts on fifty different sites.
-
@evan It's that "all the eggs are in one basket thing" ... when one account gets hacked, all are at risk
-
it doesnt help that most people only use a single password for everything.
-
@laurelrusswurm Unfortunately, that is even more true with fifty independent accounts, b/c people will reuse passwords and secret questions.
-
I like OpenID because I can make sure that the login mechanisms I use are actually decent.
-
But you only have to change your credentials once after you become aware of the situation.
-
@lnxwalt maybe "people" will, but I don't :)
-
@coyo Yes, that's a problem that's part of the problem most people don't understand why not to.
-
@coyo problem made worse when those entrusted with our personal info being more concerned with the appearance of security than real security
-
@coyo Security Questions routinely include "mother's maiden name" which is outrageous, since its a matter of public record.
-
@coyo the only way security questions are secure if your answer is actually the answer to a different question #becomescumbersomequickly
-
@evan I know enough to be careful; but knowing what is decent is far more difficult for non-tech folks.
-
@ I've heard OpenID is good, but this thread made me thing Google has something to do with it... is that true?
-
think ;o
-
@laurelrusswurm No, but a Google account (or a Yahoo or Hotmail account) is an OpenID.
-
@laurelrusswurm Also, Wordpress dot come and Typepad accounts are #OpenID s
-
@laurelrusswurm Google uses OpenID but they aren’t directly involved. You can actually host your own OpenID provider, I do. ;) http://simpleid.sourceforge.net/
-
Google is an OpenID provider, but it didn't invent OpenID.
-
@laurelrusswurm Or another provider that isn’t connected to the big names, such as: https://www.myopenid.com/
-
@zoowar if you have a lot of accounts, that can still be a lot of breaches, even in the short space until you discover it
-
@laurelrusswurm I have to say given recent breaches, I’ve rethought my position and unique userid’s & passwords seem the prudent policy anymore, trumping the convenience.
-
@evan My concern is if Google has access to OpenId data; my thinking is Google knows far too much about all of us already w/o giving more
-
If you use a Google OpenID, yes. If you don't, no.
-
@parlementum When #Gawker media's pw db was cracked, I was glad I'd only posted via #OpenID. When #LinkedIn's pw db was cracked, I had to contact them to ensure they'd purged my already-closed acct's info. In my eyes, OpenID is *much* more secure.
-
@lnxwalt280 But if you don't use the OpenID aspect to log in elsewhere, I don't think there is a problem. Or is there?
-
@laurelrusswurm No, #OpenID only affects you if you use it.
-
@jpope again, that's something techfolks can do; just not practical for the average bear.
-
@jpope A small company is still made up of total strangers to me. Do I trust them?
-
@parlementum that sounds ominous. Is everything okay now?
-
-
@laurelrusswurm At one point, @evan and StatusNet Inc. was a total stranger to you… ;)
-
@laurelrusswurm I think eventually, local techfolks will offer #OpenID along with mail, #XMPP, and hopefully #federated #socnet services.
-
@laurelrusswurm I'm actually planning on doing that for family, once I move mail off of fastmail.fm. mail, #XMPP, #OpenID, and more.
-
i cant wait to have my own #vps it's gonna be so much fun!
-
@laurelrusswurm Nothing happened to me personally, but reading of many breaches led me to rethink my strategy.
-
@jpope True; but it was recommended by one I trust. I was a believer in networks of trust before learning about the digital varient :)
-
I am an average bear and I am going to look into it
-
@whistlewright Sounds smarter than the average bear to me.
-
the average bear doesnt look into anything. they just accept what the news entertainment corporations tell them.
-
@laurelrusswurm Alrighty, understood. ;)
-
All 280 content and data are available under the