[153509] in North American Network Operators' Group
Re: LinkedIn password database compromised
daemon@ATHENA.MIT.EDU (Michael Hallgren)
Thu Jun 7 17:36:51 2012
From: Michael Hallgren <m.hallgren@free.fr>
To: Randy Bush <randy@psg.com>
In-Reply-To: <m2haunjbqi.wl%randy@psg.com>
Date: Thu, 07 Jun 2012 23:35:59 +0200
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi Randy,
Le jeudi 07 juin 2012 à 10:03 -0700, Randy Bush a écrit :
> hi etaoin,
>
> > I still don't want single sign on. Not anywhere.
>
> i believe that 'single sign on' is a bad deal and dangerous for all, not
> just we geeks. essentially it means that the 'identiry provider' owns
> your identity. i love that they call themselves 'identity providers'
> when it is MY fracking identity and they are reselling it.
I agree.
>
> the 'single sign on' i encourage for the end using human beings i
> support is 1password and its ilk. it provides the user with one sign-on
> yet strongly encourages separation of identities and strong passwords
> for sites.
>
Local repository of passwords, aggregation in a way. Right? Encrypted?
Open source?
> add to that, something such as ghostery for your browser, and you have a
> small chance of actually preserving your identity and minimizing cross-
> site tracking.
>
> randy
mh
>
