Does the need to post a comment on Gizmodo really justify polluting the world with yet another username and password?
Let me see if I understand this logic correctly: password reuse is a critical internet problem because it puts all of your sensitive stuff into one key, your re-used password.
And the way to address this problem is to put all of your sensitive stuff into one third party whom we trust more, for purposes of our conversation we can just call them "the monopolist".
I don't think so. How about a distributed password system where I personally own the code and it kicks off a unique key for me for every web site I sign up to? After all, I've gotten pretty good about carrying around important things in my life. I use something called a wallet. The concept has been working fine for thousands of years. Whereas the idea of having somebody else keep secrets for folks really doesn't have that great of a sterling track record, as the Gawker situation shows.
This was a great article in that it's starting to show people how screwed up things are. But the conclusions (to me) seem all out of whack.
> And the way to address this problem is to put all of your sensitive stuff into one third party whom we trust more, for purposes of our conversation we can just call them "the monopolist".
You're missing the point. Giving out your password to a number of sites is as secure as the least secure of those sites. Giving it to a single third party still poses its problems, but is a much safer bet statistically.
> […] all of your sensitive stuff into one third party […]
You can designate any OpenID provider, including yourself. In such a case, DNS and optionally Certificate Authorities are the only 3rd parties that have to be trusted (and if you can't trust these, you shouldn't be using the Web).
What I meant was that I own the process for making my own key, including salting, hashing, random-number generation, or any damn other thing I choose. Instead of me just having to come up with semi-plaintext passwords or passphrases that I can remember, I can just carry around something that can provide me all the keys I could ever want. Perhaps I could keep a backup of this device somewhere in the cloud. Perhaps not.
But with a true distributed, non-predictable password generating system, there is no one crack that can effectively get to all the plaintext passwords. Big benefit there, and keeping something like a dongle in my wallet matches very well with the usual way things of value are already being kept. I'm perfectly happy with taking responsibility for salting, obscuring, and otherwise encrypting my passwords for various sites. In fact, I'd rather do it than have the site owner do it (or not).
The site owner can continue using the password as a check for access, it works the same as before, he's just not responsible for taking something easy for me to do (like remembering some kind of passphrase) and storing that somewhere. Or, in other words, instead of traditional mostly-English passwords each of us will just have our own system of generating rather large impenetrable blobs, which will then be used for authentication. If you crack Gawker the only thing you get of mine is some huge random pile of bytes which I only use for Gawker, not potentially the keys to every other site I use on the internet. I will personally assume responsibility for distributing passwords to tens of thousands of internet sites. This is simple crypto. I do not need to put all of my eggs into one basket, no matter how large, secure, warm, and fuzzy that basket is.
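The per-site key scheme described in the comment above, sketched as an added example that is not part of the original thread. The construction (PBKDF2 to stretch one carried secret, HMAC-SHA256 over the site name plus a rotation counter) is an assumption about how such a device could work, and all function names and sample values are hypothetical.

```python
import base64
import hashlib
import hmac

def master_key(passphrase: str, salt: bytes, iterations: int = 200_000) -> bytes:
    """Stretch the one secret the user carries into a 32-byte key (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt, iterations)

def site_password(key: bytes, site: str, counter: int = 1, length: int = 24) -> str:
    """Derive the blob sent to one site. HMAC is one-way, so a site that leaks
    its blob reveals neither the master key nor any other site's blob."""
    if not 1 <= length <= 43:
        raise ValueError("length must be between 1 and 43")
    # Normalise so "Gawker.com " and "gawker.com" give the same password.
    label = site.strip().lower()
    if not label:
        raise ValueError("site name is empty")
    # The counter lets the user rotate one site's password after a breach
    # without touching the master secret or any other site.
    msg = label.encode("utf-8") + b"\x00" + str(counter).encode("ascii")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).decode("ascii")[:length]

def demo() -> dict:
    # Constructed sample values, not real credentials.
    key = master_key("correct horse battery staple", b"constructed-salt")
    return {
        "gawker.com": site_password(key, "gawker.com"),
        "example.org": site_password(key, "example.org"),
        "gawker.com (rotated)": site_password(key, "gawker.com", counter=2),
    }

if __name__ == "__main__":
    for name, pw in demo().items():
        print(f"{name:22} {pw}")
```

The salt is not secret, but it has to be kept with the device or its backup, since losing it or the passphrase loses every derived password.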
There is nothing (that I'm aware of) stopping you from setting up your own OpenID provider that used the method you described for authentication. The downside of course is that it's OpenID, which means it's pretty much only useful at places you don't need it.