[security] how secure is openid? advise pls..
kevin lochner
klochner at gmail.com
Mon Feb 9 19:05:56 UTC 2009
On my openid account i've enabled phone authentication (CallVerifID),
so any time I log in I get a phone call (press "#" to login). Seems
pretty bomber to me, maybe you could recommend your users do the same.
On Feb 9, 2009, at 2:02 PM, Balasubramanian G wrote:
> Dear all,
>
> I recently started working upon making my site openid enabled. when
> i was having a talk with my friend abt this, he pointed a series of
> articles in the internet which describe the vulnerabilities in using
> openid. Though my site does not deal with any sensitive data, i just
> want to make sure that its safe to the users if not 100%, atleast to
> the max extent.
>
> So, pls advise me on how secure is openid and wht safety measures
> should i implement in order to make it more safe as i am answerable
> to the users of my site if they raise the question of security..
> Reply ASAP
>
> Warm Regards
> Balasubramanian
> _______________________________________________
> security mailing list
> security at openid.net
> http://openid.net/mailman/listinfo/security
More information about the security
mailing list