Single Sign-on - Security

Security

In March, 2012, a research paper reported an extensive study on the security of social login mechanisms. The authors found 8 serious logic flaws in high-profile ID providers and relying party websites, such as OpenID (including Google ID and PayPal Access), Facebook, Janrain, Freelancer, FarmVille, Sears.com, etc. Because the researchers informed ID providers and relying party websites prior to public announcement of the discovery of the flaws, the vulnerabilities were corrected, and there have been no security breaches reported.

The problem we see now is that many websites are adopting Facebook’s “Connect” and OpenID to allow for one-click logins to access a website. You sometimes don’t even have the choice of making a separate account on that site, meaning you can’t “opt out” of these SSOs. Sure, your information stays safe with that site, but it’s also stored within a central database under Facebook’s control. While there’s nothing wrong with this, there’s just too much risk involved in putting all your sensitive data from all over the web into one massive identity bubble. —"Does Facebook Federation Have Your Best Interests At Heart?

Read more about this topic:  Single Sign-on

Famous quotes containing the word security:

    Happiness is peace after strife, the overcoming of difficulties, the feeling of security and well-being. The only really happy folk are married women and single men.
    —H.L. (Henry Lewis)

    Is a Bill of Rights a security for [religious liberty]? If there were but one sect in America, a Bill of Rights would be a small protection for liberty.... Freedom derives from a multiplicity of sects, which pervade America, and which is the best and only security for religious liberty in any society. For where there is such a variety of sects, there cannot be a majority of any one sect to oppress and persecute the rest.
    James Madison (1751–1836)

    Those words freedom and opportunity do not mean a license to climb upwards by pushing other people down. Any paternalistic system that tries to provide for security for everyone from above only calls for an impossible task and a regimentation utterly uncongenial to the spirit of our people.
    Franklin D. Roosevelt (1882–1945)