IMO, a big danger of implementing centralized authentication across multiple sites is that it will make social engineering schemes aimed at stealing a user's credentials more plausible and effective. I know that systems such as OpenID and others perform authentication directly between the user and the trusted provider (Google, Facebook, Twitter, etc.), and that the site ends up with a one-time token that confirms the user's identity. The site requesting authentication never gets the actual password to the OpenID account, which makes this approach viable in a technical security sense. But here's the thing: general users are getting used to entering their centralized credentials to perform actions on untrusted sites. Technical users understand the design. We can confirm that, yes, TwitScoop does indeed direct us to twitter.com/oauth/... (no HTTPS, but that's another story). Regular users posting a comment on a blog, though, don't see any difference between giving their credentials to a trusted Google login site and entering their credentials into some form on a blog. If, for example, logging in with Facebook credentials becomes common, it would be trivial to create a rogue blog which collects login information. Fill it with a few incendiary posts, possibly create an official-looking Facebook login page that doesn't display its URL, and it would be possible to capture quite a few sets of credentials.
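The check a technical user does by eye above (is the login redirect really going to twitter.com, and is it over HTTPS?) can be written down. The following is an added example, not code from the comment or from any of the providers named; the allow-list of provider hosts is a constructed assumption, and the URLs fed to it are constructed samples. It flags the three things a rogue login page tends to get wrong: a non-HTTPS scheme, a host that merely contains the provider's name, and a `user@host` authority trick.

```python
from urllib.parse import urlsplit

# Constructed allow-list of identity-provider login hosts (an assumption for this
# example; a real deployment would take these from the provider's documentation).
TRUSTED_PROVIDER_HOSTS = {
    "google": ("accounts.google.com",),
    "facebook": ("www.facebook.com", "facebook.com"),
    "twitter": ("twitter.com", "api.twitter.com"),
}


def host_belongs_to(host, provider_hosts):
    """True only if host equals a provider host or is a subdomain of one.

    Plain substring matching would wrongly accept 'twitter.com.evil-blog.example',
    which is exactly the kind of host a rogue login page would use.
    """
    host = host.lower().rstrip(".")
    for trusted in provider_hosts:
        if host == trusted or host.endswith("." + trusted):
            return True
    return False


def check_login_redirect(url, provider):
    """Return the list of problems found in a URL that a site redirects the user
    to in order to log in with `provider`. An empty list means the redirect goes
    to the real provider over HTTPS.
    """
    findings = []
    parts = urlsplit(url)

    # Credentials typed into a plain-HTTP page travel in the clear.
    if parts.scheme != "https":
        findings.append("not-https")

    # 'https://twitter.com@evil-blog.example/' shows twitter.com first but the
    # browser actually connects to evil-blog.example.
    if "@" in parts.netloc:
        findings.append("userinfo-in-authority")

    # hostname is the part the browser really connects to (no port, no userinfo).
    host = parts.hostname or ""
    if not host_belongs_to(host, TRUSTED_PROVIDER_HOSTS[provider]):
        findings.append("host-not-provider")

    return findings


# Constructed sample redirects, one per case the comment describes.
SAMPLE_REDIRECTS = [
    ("https://twitter.com/oauth/authorize?oauth_token=abc", "twitter"),          # genuine
    ("http://twitter.com/oauth/authorize?oauth_token=abc", "twitter"),           # genuine host, no HTTPS
    ("https://twitter.com.evil-blog.example/oauth/authorize", "twitter"),        # look-alike host
    ("https://twitter.com@evil-blog.example/oauth/authorize", "twitter"),        # userinfo trick
    ("https://my-blog.example/facebook-login.php", "facebook"),                 # login form on the blog itself
]


def audit_samples():
    """Run every constructed sample through the check; used by the demo below."""
    return {url: check_login_redirect(url, provider) for url, provider in SAMPLE_REDIRECTS}


if __name__ == "__main__":
    for url, findings in audit_samples().items():
        print(f"{url}\n    -> {findings or 'looks legitimate'}")
```

The host comparison is the part worth getting right: matching on "contains twitter.com" or on the visible prefix of the URL is precisely what the non-technical user in the comment is doing, and it is what a rogue page is designed to satisfy.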