Will Facebook Become the Net's SSO?

lordDallan writes "Simson Garfinkel at MIT Technology Review muses on the idea of your Facebook account becoming an 'Internet Driver's License', ruminating on the idea of an individual's Facebook login becoming their single sign on for the web. I say NO THANKS!!"

Re:If FB does become the SSO, at least do it right

[BitZtream]

8: It's corny, but consider a unique login picture per user that is used at some sites, Yahoo being the most widely used. This way, when you enter your username, if you don't get the picture, you likely got phished.

I wish people would stop thinking this is useful.

Any phishing site worth its weight in salt will simply pull in your picture from the real site and display it to you.

I've created example sites to demonstrate this very issue with Bank of America's system which does this.

The picture is essentially public information since you don't have to actually authenticate in order to see it so anyone can see it and redisplay it too you.

Academics

[Dunbal]

So some academic at MIT has "re"discovered the Microsoft Passport, huh? Microsoft wanted a piece of that action over 10 years ago. It didn't work. Everything old is new again... to some people anyway.