[153486] in North American Network Operators' Group
Re: LinkedIn password database compromised
daemon@ATHENA.MIT.EDU (Randy Bush)
Thu Jun 7 13:05:02 2012
Date: Thu, 07 Jun 2012 10:03:17 -0700
From: Randy Bush <randy@psg.com>
To: Lynda <shrdlu@deaddrop.org>
In-Reply-To: <4FD0DC6C.9060502@deaddrop.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
hi etaoin,
> I still don't want single sign on. Not anywhere.
i believe that 'single sign on' is a bad deal and dangerous for all, not
just we geeks. essentially it means that the 'identiry provider' owns
your identity. i love that they call themselves 'identity providers'
when it is MY fracking identity and they are reselling it.
the 'single sign on' i encourage for the end using human beings i
support is 1password and its ilk. it provides the user with one sign-on
yet strongly encourages separation of identities and strong passwords
for sites.
add to that, something such as ghostery for your browser, and you have a
small chance of actually preserving your identity and minimizing cross-
site tracking.
randy
