security
Perhaps you’ve seen this recent XKCD about password choice? It prompted a spirited debate – even on our very own Security Stack Exchange – about the merits of the argument presented there. Now, to be clear, I’m completely on Randall’s side here; I’m all for passphrases over passwords,
authentication
Back in summer 2008 when we were building Stack Overflow, I chose OpenID logins for reasons documented in Does The World Really Need Yet Another Username and Password: I realize that OpenID is far from an ideal solution. But right now, the one-login-per-website problem is so bad that I am
authentication
As we continue to work on the code that will eventually become stackoverflow, we belatedly realized that we’d be contributing to the glut of username and passwords on the web. I have fifty online logins, and I can’t remember any of them! Adding that fifty-first set of stackoverflow.
authentication
Dare Obasanjo’s May 26th thoughts on the Facebook platform contained a number of links to the Facebook API documentation. At the time, clicking through to any of the Facebook API links resulted in a login dialog: It struck me as incredibly odd that I had to login just to
security
I’m no fan of the classic login/password scheme. I can barely remember any of the zillion logins and passwords I have. More often than not, I end up using the “forgot password” link. Which means, in effect, that my email account is my global password. And if you’
password management
I have fifty online logins, and I can’t remember any of them. What’s my password? I can’t use the same password for every website. That’s not secure. So every password is unique and specific to that website. And what’s my login name? Hopefully it’s