OpenID and Stronger AuthN

I have previously posted here about the perceived asymmetry of risk in OpenID between OpenID Providers and Relying Parties. I had given the example of the Verisign PIP service and how it allows for password reseting via email with no additional identity verification.

Versign let me know that I should have also mentioned that the PIP provider now supports two factor authentication via the PayPal SecurityKey (a OTP token). There is also newly added Information Card support at PIP that will have to dig into.

Another option for stronger authentication for OpenID is the client certification authentication option available for MyOpenID, which I blogged about a while back here.

It will be interesting to see if two factor authentication (or stronger authentication) becomes a factor in OpenID adoption.

(Mirrored from TalkBMC)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s