If you are still in the misguided camp of those thinking that OTPs (One Time Password) are the end-all be-all of online security then you may find this information interesting.  Of course this particular instance is not the first case of OTPs being successfully attacked, Citibank and Nordea Bank both had reasonably well covered attacks [...]

>>Permalink

Facebook First Big Site To Really Embrace OpenID
Finally an announcement in the OpenID world about an RP! Everyone wants to rule the world as IPs, but no one (that matters) wants to reciprocate. Guess I can’t say that anymore as FB certainly matters (for now).
How to Spot a Fake Census Worker
Remember, if anyone says, “I’m [...]

>>Permalink

I’m at the RSA show this week.  If you’re in the neighborhood, look me up.
Not sure if I’ll ever be able to get back to regular blogging, much as I’d like to.  The good news / bad news is that work is keeping me busy and completely occupied.  Good news in this economy, bad news in [...]

>>Permalink

I want to take the time and do an analysis of the various players that seem to be inching toward the kind of solution I’m looking for and contending to be the “PayPal of identity”, but time is tight now and for the next couple of weeks.  So in the meantime, here’s a couple sites [...]

>>Permalink

I ran across this initial post OpenID, Information Cards, and Passwords in my newsreader which then led me to the original article “Goodbye, Passwords. You Aren’t a Good Defense” as well as a bunch of other responses to the Goodbye article by Kim Cameron, Axel Nennker and Dave Kearns.
Great posts and all of this is marvelous commentary on all [...]

>>Permalink

As I discussed in ID Theft Confusion, I’m much more concerned about ID Theft than I am any number of fraudulent uses of my stolen account information.  This story, “ID Theft - After-shock review” and the report it references, “Identity Theft: The Aftermath 2007“ should help convince you to be equally concerned to understand the difference [...]

>>Permalink

This is what I posted over at Web Worker Daily in response to a great post by Mike Gunderloy, “OpenID: A Contrarian View“.
I have to confess that as closely as I follow and often espouse the value of OpenID, I’m a complete hypocrite as I don’t use it day-to-day. I like OpenID more as a [...]

>>Permalink

A friend asked me about IronKey today and my first recollection was that I stopped by their booth last year at RSA. So I initially responded that far as I could remember, it was just another secure USB storage play. But since he was asking, I figured I would revisit it, especially when [...]

>>Permalink

We are well into the era of Web 2.0 with social networking all the rage.  At work, we are using an increasing number of web applications and services.  Consequently, we are spreading around an incredible amount of sensitive information about our families, employers, associates and ourselves.  Amazingly, we have made no real gains in creating [...]

>>Permalink

I discussed this over on EYEdentityOnline.com:
G-Archiver Brings Web 2.0 Risks Into Focus
Originally published March 15, 2008

>>Permalink