Tuesday, April 18

Password: The first step of security

1, Password is important. First, you don't want to disclose all your information. Second, you want to control your accounts. Last but not the least, it's a shame to be broken in.

2, Never use one password for all the websites. If one website is vulnerable, your information in all the websites, including your contact information, your friend list, your email, will be compromised.

3, Tired of remembering different password? Microsoft has a solution: Microsoft Passport NetworkPassport. (Will upgrade toWindows Live ID Windows Live ID). The idea is: You apply for an account in Microsoft Passport NetworkPassport. Then when you visit some websites which are affiliate with Passport, you will be redirect to Passport's website to input your username and passport. After you are verified by Passport, it will tell the website you want to visit: Yes, this man is one of my users, he is clear. Then you will be authorized to visit the affiliated website. Only the Passport website has your passport, and you need only to remember one passport, and you can visit many websites, such as MSN, HotMail...

4, Do you trust Microsoft? Do you trust it to put your only password in this basket? In Open Source community, there's one alternative: OpenID. It is a distributed system. There're several OpenID servers to choose from (currently), and you can setup your own OpenID server too. In every website which supports OpenID, you can input a link in your OpenID server, then the server will talk to the website following the spec, you will be let in.
There's no central server, so you can claim yourself Bill Gates @ yourserver. Of course people will consider respectable servers first.