Jun. 14th, 2004

doc_strange: (Agamotto got nothing on this.)
The recurrent corporate drive to create a reduced, single, unified, etc. sign-on process is something I've been chewing on for a while. The continual rush back to passwords, to ONE password for everything, really blows me away. As an IT security professional, it strikes me as a serious backslide. I differ from many of my contemporaries in that I think even "good" passwords are (usually) a bad idea.

The only thing that's wrong with password authentication is that it uses passwords.

Terminology and why SSO is not always bad security

Thinking about authentication as an _evidence_ problem

The RSO/SSO/USO/Oh-no lifecycle at large organizations

How's YOUR authentication quagmire?
