If you are still in the misguided camp of those thinking that OTPs (One Time Password) are the end-all be-all of online security then you may find this information interesting.  Of course this particular instance is not the first case of OTPs being successfully attacked, Citibank and Nordea Bank both had reasonably well covered attacks [...]

>>Permalink

Facebook First Big Site To Really Embrace OpenID
Finally an announcement in the OpenID world about an RP! Everyone wants to rule the world as IPs, but no one (that matters) wants to reciprocate. Guess I can’t say that anymore as FB certainly matters (for now).
How to Spot a Fake Census Worker
Remember, if anyone says, “I’m [...]

>>Permalink

Funny that discussions around identity systems always come back to being analogous to payment systems such as this post wishing OpenID to be the next Visa.  Similar to my thoughts on looking for Identity’s version of PayPal, though I don’t think OpenID as an organization has any hope in Hades of becoming the Visa of [...]

>>Permalink

I ran across this initial post OpenID, Information Cards, and Passwords in my newsreader which then led me to the original article “Goodbye, Passwords. You Aren’t a Good Defense” as well as a bunch of other responses to the Goodbye article by Kim Cameron, Axel Nennker and Dave Kearns.
Great posts and all of this is marvelous commentary on all [...]

>>Permalink

As I discussed in ID Theft Confusion, I’m much more concerned about ID Theft than I am any number of fraudulent uses of my stolen account information.  This story, “ID Theft - After-shock review” and the report it references, “Identity Theft: The Aftermath 2007“ should help convince you to be equally concerned to understand the difference [...]

>>Permalink

This is what I posted over at Web Worker Daily in response to a great post by Mike Gunderloy, “OpenID: A Contrarian View“.
I have to confess that as closely as I follow and often espouse the value of OpenID, I’m a complete hypocrite as I don’t use it day-to-day. I like OpenID more as a [...]

>>Permalink

While reading the article, “Brits risk card fraud with slack security“, I was struck again by the confusion around the various types of fraud and what falls into the bin of “identity theft”.  The article holds no surprises for anyone that’s ever watched the general public interact with their cards on and offline.  Hence, it [...]

>>Permalink

Got this in an email for posting up my picture of Phormtaiqr on Spock.com: 
“Spock users have flagged and deleted a picture which you contributed to Tim Renshaw’s search result. Flagging and deletion occurs for a number of reasons. Sometimes it is because information is factually incorrect, sometimes it is because contributions are inappropriate. For [...]

>>Permalink

We are well into the era of Web 2.0 with social networking all the rage.  At work, we are using an increasing number of web applications and services.  Consequently, we are spreading around an incredible amount of sensitive information about our families, employers, associates and ourselves.  Amazingly, we have made no real gains in creating [...]

>>Permalink

I discussed this over on EYEdentityOnline.com:
G-Archiver Brings Web 2.0 Risks Into Focus
Originally published March 15, 2008

>>Permalink