The only websites that should support password authentication are OpenID providers.

By 8 Rorek on February 01, 2007

And even that's debatable.

Embed Claim Make a related claim

Discussion (6)

http://mwgamera.name/

1 mwgamera who agreed, says

I agree even more at ‘And even that's debatable.’

Make a related claim about 1 year ago (link)
http://damnian.com/

3 Dmitry Shechtman who disagreed, says

I ONLY agree with "that's debatable".

Make a related claim about 1 year ago (link)
http://brucewang.net/

1 Bruce Wang who disagreed, says

Online banking services or other sensitive service providers should provide their own, more secure authentication solutions (public keys, etc)

Make a related claim about 1 year ago (link)
http://evan.prodromou.name/

4 Evan Prodromou who disagreed, says

I think it's up to OpenID providers to have even better security than normal. We're taking on the job of Authentication Service for the Web, and we should be doing a good job of it.

https://certifi.ca/ shows that it's possible and in fact convenient to use higher-quality security like client-side SSL certificates for authentication. There's no passwords, ever.

Make a related claim about 1 year ago (link)
http://harningt.eharning.us/

No_score harningt who disagreed, says

Why should even OpenID providers use passwords?

Make a related claim 5 months ago (link)
http://obijan.com/

1 obijan.com who agreed, says

Client SSL certs FTW!

Make a related claim about 1 month ago (link)
Sign in in to leave a comment.