[OpenID] Phishing? Web browser integration?
Axel.Nennker at telekom.de
Axel.Nennker at telekom.de
Sun Sep 12 17:44:06 UTC 2010
https://mozillalabs.com/conceptseries/identity/connect/
<https://mozillalabs.com/conceptseries/identity/connect/> (Mozilla
Chris Messina)
http://ignisvulpis.blogspot.com/2010/02/openinfocard-openid-selector.htm
l
<http://ignisvulpis.blogspot.com/2010/02/openinfocard-openid-selector.ht
ml> (me)
http://self-issued.info/?p=235 <http://self-issued.info/?p=235> (Mike
Jones)
-Axel
________________________________
From: openid-general-bounces at lists.openid.net
[mailto:openid-general-bounces at lists.openid.net] On Behalf Of Alessandro
Preziosi
Sent: Sunday, September 12, 2010 6:50 PM
To: openid-general at lists.openid.net
Subject: [OpenID] Phishing? Web browser integration?
Hi everybody,
A couple of days ago I used openID for the first time.
It was on a low traffic website and when i clicked on the button it
redirected me to Google's login page, where I had to insert my google
password.
Before doing so, I double-checked the address because I'm aware of
phishing scams, but I'm afraid the vast majority of people would not do
so.
I think we're kind of lucky that openID isn't widespread, otherwise many
people could see their email accounts stolen, and with them all the
other accounts (paypal etc.).
I think this is a MAJOR flow, and the only solution that i see would be
to try to integrate openID in the browser in some way, to make phishing
impossible.
Any ideas? Any comments?
Have a nice day,
Alessandro Preziosi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20100912/ad8d339a/attachment.html>
More information about the general
mailing list