Posted on 03/21/2012 6:45:16 AM PDT by GiovannaNicoletta
Steve Kirsch wants to swap his 352 user names and passwords for a simple single click sign-in.
The Silicon Valley entrepreneur with 30 years’ experience hopes to take the web by storm with his new startup, OneID.
(Excerpt) Read more at mashable.com ...
Steal one, steal all...
Nice idea, may be but I wouldn’t do that if someone paid me a LOT of money!
What could possibly go wrong.
/s
“The computer sends verification to your phone, assuming that is your second device of choice. The user then verifies the login on a second device. If the user doesn’t have another device, they enter a pin.”
That sounds incredibly convenient....and a pin is nothing like a password.
lol
The risk I see is the investors losing their money.
Hack one site and you instantly have every site the person has.
So pretty much, spoof one cell tower, one “man in the middle” attack on one made-in-China iPad, and a thief not only has access to everything on that phone, but the home computer which might be sitting at home, with the home security system waiting to be told, to raise the garage door?
I see no opportunity for anything bad happening here...
No. What could possibly go wrong.
/s
BWHAHAHAHAHAH
Use it for blog sites/news groups etc. & keep your Paypal, online banking etc. separate.
Moron idea but it should appeal to the masses who use “password” as their password on all of their accounts. I’m sure identity thieves will love this idea.
without your consent how can an interviewer even know you exist on a discussion site?
all should be different.
without your consent how can an interviewer even know you exist on a discussion site?
all should be different.
No, I don’t want to do this!
Good intentions, decent idea, but very poor security.
The entire point of multifactor authentication is to create multiple layers of protection for both the user and the system(s) they are accessing.
Single sign-on is fine for an enterprise situation where access is strictly controlled (Smart cards, etc.), but the entire point of multi-factor and multi-layer security is so that a person doesn’t get ‘the keys to the kingdom’ at one time.
I can say with certainty that I would not want to trust my comapnies security to a person that has a single sign-on that I have no control over or trust in. You are GOING to authenticate to my servers with s SEPERATE USERID/PASSWORD and that is non-negotiable.
There’s a reason that I have separate sign-in names and passwords for the various accounts that I have on line. Using the same PW for all vital accounts is an invitation for identity theft!
We had this at our software company in the early 1990’s. Issues with type 1 and type 2 errors was a pia (Pain In Asssss.
figerprint scanners were supposed to be the “one id”. Then theives figured out you could just cut off the finger needed and scan it to gain access. (computer files, bently auto, open door, etc...)
The popular program “Roboform”
already has this covered
and its free.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.