Slashdot Mirror


Passport to Nowhere

prostoalex writes "CNET News.com.com talks about the less than glamorous acceptance of Microsoft's single sign-on technology, .NET Passport. Being launched as a single sign-on service for online businesses and competing heavily with the open Liberty Alliance project, which so far has produced just a large amount of PDF files, .NET Passport is considered a failure (although not by Microsoft). Turns out, high licensing fees, lack of simple implementation, security leaks and server downtime were not acceptable to most of the potential clients out there."

5 of 361 comments

  1. Only used in hotmail by sapped · Score: 5, Informative

    I actually created a passport login to see how many places they would use it and if it would be beneficial. Thus far I have only seen it used with Hotmail and on the MSN site. Have any others seen it used on other non-Microsoft sites?

  2. Just PDF files? by finkployd · Score: 5, Informative

    Liberty Alliance project, which so far has produced just large amount of PDF files

    Which is all they intended to produce. Technically Liberty Alliance is a spec, not an implementation.

    Now if you are asserting that there are no implementations, the SourceID people would probably disagree with that.

    Finkployd

  3. Vendors don't want it. by AnotherBlackHat · Score: 4, Informative

    From the article

    "I can't imagine a Web site today being willing to pay $10,000 a year and go through the whole process necessary to implement Passport."


    Hello? It's not very easy to imagine a site that's willing to let a third party handle customer information for free.

    Most companies aren't even willing to tell you how many customers they have, much less let you collect personal information about them.

    -- this is not a .sig

  4. Re:Problem that doesn't exist big time... by jfengel · Score: 4, Informative

    The problem isn't managing passwords for a web site. The problem is managing passwords for ALL web sites.

    How many accounts do you have, between eBay and PayPal and Amazon and Slashdot and ...? Do you use a different password for each one? Aren't you the least bit worried that the Slashdot editors will use your Slashdot password against your Amazon account?

    The idea of Single Sign-On is to put all of your eggs in one basket, then make sure it's a really good basket. Nobody trusts Microsoft to make that really good basket, but it doesn't mean that they're not trying to solve a real problem. It's a tricky one, because the trust factor is scary, and the stakes are very high.

  5. Apple's Keychain by diamondsw · Score: 4, Informative

    What works well is Apple's Keychain idea.

    If you want, all of your passwords (web sites, iDisk, e-mail, etc.) are stored in your encrypted keychain on your computer. When you log in and authenticate, your primary keychain is unlocked, allowing programs that stored passwords to access them. Programs cannot access others' passwords without your consent (in the form of "The application blah wants to access your keychain. Do you want to allow this?"). As would be expected, the whole shebang is encrypted on disk, I believe with AES. Finally, if you don't want all of your passwords in one spot, you can create multiple keychains (e-mail accounts, financial sites, other web sites) and unlock them only as needed.

    It's all local, all secure, very flexible, and by default so easy it's completely transparent.

    --
    I don't know what kind of crack I was on, but I suspect it was decaf.