Links

Ben Laurie blathering


NYT Doesn’t Quite Get It, Hilarity From OpenID

The New York Times’ Randy Stross has a piece about passwords and what a bad idea they are (sorry, behind a loginwall). So far, so good (and I’ll admit to bias here: I was interviewed for this piece, and whilst there’s no attribution, what I was saying is clearly reflected in the article), but Stross weirdly focuses on OpenID as the continuing cause of our password woes, because, he says, it is blocking the deployment of information cards, which will save us all.

Now, I am no fan of OpenID, but Stross is dead wrong here. OpenID says nothing about how you log in. It is not OpenID’s fault that the login is generally done with a password – that blame we must all accept collectively.

And whilst I firmly believe that the only way out of this mess is strong authentication, information cards are hardly the be-all and end-all of that game. They certainly have a way to go in usability before they’re going to be taking the world by storm. Don’t blame OpenID for that.

In the meantime, Scott Kveton, chair of the OpenID Foundation board, reacts:

The OpenID community has identified two key issues it needs to address in 2008 that Randy mentioned in his column; security and usability.

I just have to giggle. I mean, apart from those two minor issues, OpenID is pretty good, right? He forgot to mention privacy, though.

3 Comments

  1. Methinks he forgot to mention the level of assurance concept too, and risk assessment, and …

    Comment by Eric Norman — 10 Aug 2008 @ 17:20

  2. “Our three main weaknesses are usability, security and privacy. And level of assurance. Hold on, I’ll come in again… Amongst our weaknesses are…”

    Comment by Pat Patterson — 11 Aug 2008 @ 10:37

  3. If you’re doing an OpenID login (or any login) with a password, you’re probably doing it wrong. Client-side TLS certs / myVidoop imageshield, call verifID, there are better options

    Comment by Stephen Paul Weber — 20 Aug 2008 @ 12:50

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress