2010 Google Faculty Summit: Defeating the Password Anti-Pattern with Open Standards
Google Faculty Summit 2010
July 29, 2010
Presented by Dirk Balfanz.
Passwords can leak through a variety of channels: users tend to re-use passwords across web sites, get phished, attacked by malware, etc. Most would agree that password-based authentication is not very secure. So why do we still live in an online world dominated by passwords? In my talk I will point out some of the challenges we face when moving away from password-based authentication. I will explain what roles OpenID and OAuth play in this move, security issues we faced in the past with these protocols, and where we're headed in the world of "Internet Identity."