[OpenID] Choice of recovery method(s)
SitG Admin
sysadmin at shadowsinthegarden.com
Tue May 11 21:29:54 UTC 2010
A recovery method is, in some circumstances, equivalent to a back
door; claim that the primary account has been hacked, and you trump
the trusted authentication method. If that primary authentication
method (let's assume OpenID) does get hacked, though, or turns
hostile/rogue (or is compromised/replaced), you *want* to be able to
override its authority somehow. OpenID gives users an account with
their OP (*it* worries about password recovery, to authenticate the
user), and that OP an account (more, if multi-user) with its RP (*it*
has to worry about password recovery, complicated by needing to
decide whether to authenticate the OP or the user), and the sheer
variety of password/recovery methods (and which might be reliably,
why/when) could take paragraphs if I tried to go into it all.
The question I raise (for discussion) is whether security would be
improved by setting up for flexibility, and then permitting the
*user* to choose how their accounts would be configured for
authentication and recovery?
-Shade
More information about the general
mailing list