Also, I'm a fan of OpenID. In most cases it seems to me that it's not necessary to prove that that the user is the user, but rather just a way to attach metadata to an arbitrary account.
Since the passphrase for my e-mail is something along the lines of "My favorite animal is the number purple" and it's transmitted over HTTPS. The only way one would ever get it is either by looking directly at me as I type it in. I consider it to be rather secure. In this particular case, I would rather log into my bank with OpenID than with their system, seeing that their system is quite a bit less secure (only allowing 8 characters). AJ ONeal
-------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
