[OSM-dev] OpenID for OpenStreetMap?
Simon Ward
simon at bleah.co.uk
Thu Feb 10 18:05:00 GMT 2011
On Thu, Feb 10, 2011 at 07:02:27AM -0500, Mike N wrote:
> >Frankly though a bigger question is whether we want to. I've never been
> >that convinced because OpenID just doesn't seem to be getting the
> >necessary traction to really work.
>
> I'm not sold on OpenID either - I know the pro arguments, but with
> OpenID, if you're keylogged or phished, they have full access to all
> accounts immediately.
If I’m keylogged, the key used to protect my passwords via my password
manager is compromised, and an attacker has access to all of my
traditional username/password credentials, and their accounts, anyway.
Simon
--
A complex system that works is invariably found to have evolved from a
simple system that works.—John Gall
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.openstreetmap.org/pipermail/dev/attachments/20110210/0a50bf54/attachment.pgp>
More information about the dev
mailing list