I’ve been spending quite a bit of time recently creating a login system (coping with OpenID, Facebook Connect and Microsoft LiveID/Passport) and, of course, the “common and/or garden” email address and password system.
Whilst we do deal with credit card and payment details on the system, it doesn’t need to be “that secure” relating to user authentication (hence we haven’t need to consider proper two-factor logins: where you login with one password and then need to login again using something else). However, recently security snafus (such as the WebHostingTalk database exploit) is making me think that perhaps we should consider offering an alternative to the standard password system.
There are a hardware one-time password tokens out there such as MyPW (which is very similar in looks to the token used by HSBC Bank) and YubiKey (as used by Tom at Nominet) along with Verisign’s VIP Authentication system for iPhones: however, all these OTP (One Time Passwords) systems are designed to be used in conjunction with an existing username and password (i.e. two-factor logins): but has anyone actually implemented a login system which uses the OTP as the SOLE password?
Any pluses/minuses or thoughts about it? Even if you haven’t implemented it, but just think it’s a good or bad idea – please let me know!
News: Well Done Assistant Commissioner Bob Quick
April 9th, 2009If you’ve been even slightly following the news, you might have read that “Britain’s most senior counter-terrorism officer Assistant Commissioner Bob Quick” made a security blunder on Wednesday the 8th of April by accidentally exposing a “Secret” document to Downing Street photographers (technically a breach of the Official Secrets Act).
However, he has done the honourable thing and actually resigned over the issue stating “I have today offered my resignation in the knowledge that my action could have compromised a major counter-terrorism operation.”. It just makes such a refreshing change for somebody quite high up in the country to take responsibility for their actions: now I just wonder if the G20 officer who hit a bystander with his baton and pushed him to the floor or Jacqui two homes/husband pay-per-movie expenses Smith will resign over costing people their lives and the tax payer over £116,000 for secondary houses [including £568.95 for TWO washing machines and £500 on a shower mixer!].
Share this:
Like this:
Comments Off on News: Well Done Assistant Commissioner Bob Quick »
Posted in Life: News Commentary
Tags: bob quick government jacqui smith news resign