On my openid account i've enabled phone authentication (CallVerifID),
so any time I log in I get a phone call (press "#" to login). Seems
pretty bomber to me, maybe you could recommend your users do the same.
On Feb 9, 2009, at 2:02 PM, Balasubramanian G wrote:
Dear all,
I recently started working upon making my site openid enabled. when
i was having a talk with my friend abt this, he pointed a series of
articles in the internet which describe the vulnerabilities in using
openid. Though my site does not deal with any sensitive data, i just
want to make sure that its safe to the users if not 100%, atleast to
the max extent.
So, pls advise me on how secure is openid and wht safety measures
should i implement in order to make it more safe as i am answerable
to the users of my site if they raise the question of security..
Reply ASAP
Warm Regards
Balasubramanian
_______________________________________________
security mailing list
[email protected]
http://openid.net/mailman/listinfo/security
_______________________________________________
security mailing list
[email protected]
http://openid.net/mailman/listinfo/security
