28 Jun 05:28
Re: [OpenID] OpenID and SSO
From: SitG Admin <sysadmin <at> shadowsinthegarden.com>
Subject: Re: [OpenID] OpenID and SSO
Newsgroups: gmane.comp.web.openid.general
Date: 2008-06-28 03:28:06 GMT
Subject: Re: [OpenID] OpenID and SSO
Newsgroups: gmane.comp.web.openid.general
Date: 2008-06-28 03:28:06 GMT
>once you're inside you tend to have access to it all. As a matter of policy, the passwords that have the greatest need to be secure ought to be more difficult to remember - they can't be written down or frequently used (the latter nullifies this and the latter weakens it). As a general principle, any password that requires you to sit there for a few minutes just to figure out what it was, has greater security. The same could apply to other areas. Take the physical token you carry around with you all the time, versus the one that is locked up in the vault at a local bank - someone mugs you for the everyday token and doesn't get the ability to make any severe changes. -Shade
RSS Feed