[OpenID] allowing users to switch to opendid-only: pointless?
Nicolas Holzapfel
signup at nholz.com
Sat Jun 6 21:14:30 UTC 2009
Thanks for everybody's responses about my query regarding how to
justify an option for users to remove their original password. Sorry
about taking so long to reply.
Shade: my co-designer's counter-argument would be that there is no
backdoor if the user just stops using their original password since
that would make it practically 100% secure.
Andrew: my co-designer would say that you are insane. Do you have any
specific arguments to defend yourself from this accusation?
Martin: so you think there is probably no point in the remove-password
option?
Eric: there would be no requirement. It would be optional.
Santosh: Shade said everything (and more) which I would say in reply
to those points.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090606/74b2cb73/attachment.htm>
More information about the general
mailing list