On Mon, May 4, 2020 at 11:03 AM John Jason Jordan <joh...@gmx.com> wrote:
> On Mon, 4 May 2020 09:24:37 -0700 > Ben Koenig <techkoe...@gmail.com> dijo: > > >> PSU is closed. Google can't confirm your student id number. > > PSU is opening and fully functional. All that happened is that all > classes are now online. Some describe this with the expression 'the > campus is closed,' but that is not really accurate, and it leads to > misinformation. Anyway, I just logged in to my PSU account, so it is > definitely working. > > >These web-based authentication systems are incredibly fragile. > > I can't speak knowledgeably about how fragile they are, but they sure > create problems for those of us who can't remember all of our hundreds > of usernames and passwords. > > Would it be possible to create a universal personal code? I mean not > part of a corporation like Google, or a nation, like the USA. It would > have to be run by a totally independent organization, one that everyone > trusts implicitly. Such systems have been tried in the past, but always > by corporations who try to leverage it into a way to own the internet. > Yes, you can either move to some sort of hardware-based GPG key like Yubikey, or use a password manager. the problem you are running into is that Google's "two factor authentication" isn't really two factor. It's Two STEP authentication. You are basically logging in with two different passwords, one of which is randomly generated and sent to your phone. It's a really stupid hack that was created to avoid creating a proper vendor-neutral standard. At some point in the future, you will probably be able to implement proper two factor authenticaion using a 3rd pary GPG key, probably stored on a special usb device to prove the "something you have". But for now, what you probably need to do is find a password manager, and use it to remember all your passwords. I've started using the KDE wallet, which encrypts all my passwords with a GPG key. My browser (Falkon) uses the wallet to store usernames and passwords. It's nice because unlocking the wallet and accessing my stuff is an offline process, the password never gets transmitted to the network. > I see the difficulty with such a system would be making sure that each > human on the planet could have only one unique personal code. That > maybe the downfall of the idea. > Allowing people to have multiple online ID's is good for privacy. Work ID, personal ID, Gamer ID, etc. It's more an issue of getting service providers to agree on a standard. Then users can create as many ID's as they deem necessary. > > I am thinking of a system for backups. Websites can still have their > usernames and passwords, but when a user loses their password/username > the universal personal code can verify who they are, and lots more > securely than 'what school did you attend for the first grade?" Password managers are recommended these days. I use kwallet. > > Or maybe I'm just venting my frustration. > You are, but others share that frustration. A few years ago Costco migrated all their internal IT services to the google cloud for things like email and file sharing. This also included getting the entire company set up with Two Step Authentication for what were essentially just normal google accounts with an @costco.com instead of gmail. They literally hired a 3rd party tech support contractor specifically to take phone calls to onboard employees. Over the course of several months, employees called in waves to go through their first time setup and walk through the basics of two step authentication. My point is that costco is a huge company employeeing a massive amount of people all over the US and Canada and moving them over was not a smooth process. Apparently Google's support for their own process is so weak, that third party support companies have to pick up the slack. > _______________________________________________ > PLUG mailing list > PLUG@pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > _______________________________________________ PLUG mailing list PLUG@pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
