This is IceBrain's Typepad Profile.
Join Typepad and start following IceBrain's activity
Join Now!
Already a member? Sign In
IceBrain
Recent Activity
What truly shocked me in this story were the weak password, not of the users, but of the workers. I mean, "arthur"? Really? Personally, I use a system suggested by a fellow Slashdotter: I take a fixed password, append the website's domain, hash it and cut it to 20 chars (plenty of websites have a small upper limit on password length - incredible but true). For example, a possible password (not a real one, the domain is fake) is 9131d179c92b286a5474. Of course, this is for random websites which I don't _really_ care if someone takes over my account - never for something so important as access to a major website's admin account! As for OpenID, I think it's fine as long as I control the URL that identifies me. Right now, if someone hacks and takes control of http://andreparames.com/, I can simply unplug the server, as it's a laptop running in my bedroom. Similarly, if someone hacks myOpenID.com, I can simply change my provider in my website. But using someone else's domain as my ID is a no-go to me, and for most people that's what they'll do.
Toggle Commented Dec 14, 2010 on The Dirty Truth About Web Passwords at Coding Horror
Posted using my OpenID :) @Vicentvw: Twitter uses OAuth. Facebook as also pledge to support OpenID: http://developers.facebook.com/blog/post/246 I agree with this post; which doesn't mean OpenID should be a strong authenticator, I should be able to create accounts without them being linked to my real identity.
Toggle Commented Nov 24, 2010 on Your Internet Driver's License at Coding Horror
IceBrain is now following The Typepad Team
Nov 24, 2010