|
|
|
|
|
|
by ozten
4821 days ago
|
|
|
> Wait. So, my email provider (Yahoo) can now keep track of every website I login to, if he wants? How can I stop Yahoo being the middleman? Nope. Architectures like OpenID "phone home" and report your movement across the web. Persona was explicitly designed to be privacy preserving. > Second question, if an attacker knows my Yahoo password, can he potentially login to _all_ Persona-powered websites with my email then? Yes, if an attacker has your yahoo email address and password, they can log in as you. BUT, you can take advantage of two factor auth from Yahoo as well as other security features they provide, to keep yourself safe. |
|
|