Why Federate?

Tim Bray, NPR | All Things Considered, Aug 01, 2013
Commentary by Stephen Downes

Tim Bray offers the argument to application developers in favour of employing 'federated identity', that is, using an identity provider such as Facebook, Google, Twitter or Microsoft (and as he says, there are many more, though we never seem to see them) instead of managing logons and storing passwords locally. The argument in favour is stated in a series of press reports about security breaches on various services. But are federated identities more secure? For one thing, all data managed by these identity providers is subject to routine collection and reading by the U.S. government's PRISM program. Moreover, you are storing your identity information with companies whose business model is in large part based on the sale of identity information to marketers and reserach firms. When I'm faced with a website or service that gives me no choice but to use Google or Facebook or Twitter to log in, I simply don't use that service. Something to think about.

an “Identity Provider” (IDP) like Facebook or Google or Microsoft or Twitter
an “Identity Provider” (IDP) like Facebook or Google or Microsoft or Twitter
an “Identity Provider” (IDP) like Facebook or Google or Microsoft or Twitter
Views: 0 today, 123 total (since January 1, 2017).[Direct Link]