I want to see the death of superfluous passwords.

OpenID is getting close....

Here is the thing: unless you are making bank software or software
for the government that requires lots of BS (in which case you
should partner with another password provider and authenticate
through them, like the army CORE authenticates through AKO), don't
HAVE rules for your passwords.

Salt the passwords to protect your databases, code properly so if
someone breaks into an account they can't break into your system at
large, and otherwise try to minimize the damages.

But it is unacceptable to put that burden on the user.

Passwords aren't any more-or-less secure than other methods, like a
combination of remembering IP addresses, using other personal data
for login and requiring extra steps when things don't line up.

Try this:

When a user creates an account, log their IP. In today's broadband
world, IP is pretty stable. So most users won't need to do extra
steps to prove who they are.

Use personal info like their email address, name, or whatever as
login creds. They aren't going to forget this stuff, and it is
unlikely that their name will change.

Here is the thing: when anything doesn't line up, go to stage two.

Remember those security type questions? Toss them out. Here is what
you ask:

What is your cell phone number?
What is your home phone number?
What is the street you live on?
What is your mother's first name?
What is your father's first name?
What is your birthday?
Where were you born?

Ask only these questions, but ask all of them. If they get more than
5 wrong, it fails, and if they get 3 to 5 wrong, go to step 3. Also,
log any inconsistent answers, and depending on how they handle step 3,
or if they got 2 or less wrong, we are going to add them to the list
of acceptable answers.

Step 3, you send an e-mail to their address and provide them with a
phone number to call if you can afford to do that.

They can then authenticate using their account e-mail, in which case
their wrong answers become right answers. (For some questions they
are replaced; for others they are added to the list.)

So the system will authenticate on things that are simple and already
remembered for most people to begin with. It will ask questions that
have concrete answers that for the most part never change, and when
they do change, and the user answers them differently, then it falls
back on e-mail verification.

Can this system be hacked? Sure. But here is the deal: it won't let
a hacker log in as someone unless they are using that person's IP
AND know their creds, which means they know who they are attacking,
and that means you can't stop the attack with a perfect password
anyway, since that user most likely saved the password into their
keychain anyway.

If the attack is coming from afar, it is more secure than a password,
since you'd have to crack open what amounts to an e-mail-shaped
password and a 7-word dictionary password. Which is like if I made
my password this: donkeybuttercangearspeopleverifyempire, which is an
extraordinarily secure password.

And, it will only progress to step 3, email verification, if they can
guess 3 of those questions. Not impossible, but considering all any
other system will do is let the hacker request an e-mail right away,
if they hacked that e-mail address, they are in.

In this system, they have to guess 3 of the questions before it can
do that.

This is just something I thought up now. I'm sure there are many
solutions to this problem that don't force the user to remember
garbage.


Will


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Posted from the new ixda.org
http://www.ixda.org/discuss?post=34744


________________________________________________________________
Welcome to the Interaction Design Association (IxDA)!