Ryan Lane wrote:
http://newsarse.com/2010/08/13/if-you-can-remember-your-password-then-its-ho...
Passwords suck, and people are a problem. Now, if we could distribute RSA fobs to every editor ...
We could do a less secure, but more-secure-than-passwords alternative, which is to use email or SMS as a one time password device. SMS is obviously more secure than email, but would require us to ask people for their phone numbers. We could also make a PKI infrastructure, and allow certificate login, which is obviously safer than passwords.
The real problem with any system stronger than passwords, is that it requires a level of complexity that would be difficult for us, and either annoying or very confusing for users.
Respectfully,
Ryan Lane
OpenID? The account my own OpenID is tied to has two-factor authentication.
~Daniel Friesen (Dantman, Nadir-Seen-Fire) [http://daniel.friesen.name]