Comments on: Authentication via passwords or certificates? http://ebiquity.umbc.edu/blogger/2008/08/10/authentication-via-passwords-or-certificates/ EBB is the ebiquity research group\\\'s blog at the University of Maryland, Baltimore County (UMBC). We focus on technologies that facilitate the design, implementation and control of distributed, intelligent information systems -- mobile and pervasive computing, ad hoc networking, multiagent systems, knowledge representation and reasoning, and the semantic web. As the tides of technology ebb and flow, we hope the good ideas wash up on our beach and the bad ones drift back out to sea. Thu, 19 Nov 2009 00:39:45 -0500 http://wordpress.org/?v=2.8.4 hourly 1 By: Michael Hausenblas http://ebiquity.umbc.edu/blogger/2008/08/10/authentication-via-passwords-or-certificates/comment-page-1/#comment-25197 Michael Hausenblas Mon, 11 Aug 2008 13:32:51 +0000 http://ebiquity.umbc.edu/blogger/?p=1584#comment-25197 Tim, Good catch. Would OAuth [1] do the job, then? Cheers, Michael [1] http://oauth.net/ Tim,

Good catch. Would OAuth [1] do the job, then?

Cheers,
Michael

[1] http://oauth.net/

]]> By: Emil Sit http://ebiquity.umbc.edu/blogger/2008/08/10/authentication-via-passwords-or-certificates/comment-page-1/#comment-25196 Emil Sit Mon, 11 Aug 2008 13:19:54 +0000 http://ebiquity.umbc.edu/blogger/?p=1584#comment-25196 There are three basic ways to authenticate yourself: with something you know (e.g., a password), with something you have (e.g., an identity card), or with something you are or do (e.g., your retina scan). Do you think we should get rid of passwords altogether, giving up one of these three basic techniques? Combining more than one of these techniques with multi-factor authentication seems like a good idea; taking one of them away does not. There are three basic ways to authenticate yourself: with something you know (e.g., a password), with something you have (e.g., an identity card), or with something you are or do (e.g., your retina scan). Do you think we should get rid of passwords altogether, giving up one of these three basic techniques? Combining more than one of these techniques with multi-factor authentication seems like a good idea; taking one of them away does not.

]]>