RE: How to fix authentication (was LinkedIn)

[Drew Weaver <drew.weaver () thenap com>]

There should be a way to authenticate the same user differently depending on what device they're using and tie it all 
together in a central place; of course if that central place gets compromised it would be horrible..

Still, I think it would help if you use the same password on every site if your browser could encrypt or hash the 
password before it sends it to the website.

That way at least if the website doesn't properly store the passwords they'll be encrypted anyway =)

-Drew


-----Original Message-----
From: Jay Ashworth [mailto:jra () baylink com] 
Sent: Wednesday, June 20, 2012 7:27 PM
To: NANOG
Subject: How to fix authentication (was LinkedIn)

----- Original Message -----
> From: "Leo Bicknell" <bicknell () ufp org>

> SSL certificates could be used this way today.
>
> SSH keys could be used this way today.
>
> PGP keys could be used this way today.
>
> What's missing? A pretty UI for the users. Apple, Mozilla, W3C, 
> Microsoft IE developers and so on need to get their butts in gear and 
> make a pretty UI to create personal key material, send the public key 
> as part of a sign up form, import a key, and so on.

Yes, but you're securing the account to the *client PC* there, not to the human being; making that Portable Enough for 
people who use and borrow multiple machines is nontrivial.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA      http://photo.imageinc.us             +1 727 647 1274