Capabilities and weaknesses of token-based authentication
From Martin McKeay’s blog: As most security professionals know, passwords are a losing proposition. We use them because the capability comes with your operating system, but their weaknesses are many. Here, Dana Epp talks about the capabilities of token-based authentication, as well as some of the weaknesses. He hopes that some day in the not-too-distant future we will control our own digital identity rather having a different identity with each and every merchant or server.
When I heard that Dana was going to be at Linuxfest Northwest in May, I wasn’t going to miss a chance to talk to him. Dana was one of the first security professionals to start blogging, and he’s been a personal inspiration for my own blogging. I caught up with him after he gave a talk on strong authentication, and just before he headed into another talk on OpenID.