My idea is ...

← Ideas

Two way othentication system

Open Id is a great concept and I like to use it in day to day life but security is a critical issue here. I think password is not enough to protection We need two way authentication system which is free to everyone and easy to deploy in servers.

For that We can create a software that we need to install it to the USB flash drive and whenever we need to login we have to use that USB drive which having a software which will authenticate the process Its like a debit card that we using in ATM where we need the debit card and password to access the ATM so without the combination its impossible to use ATM same idea we can implement for websites.

The bright side is that it can be a free technology that all user can use. Mostly everybody use portebal USB drives to carry their data, same USB drive can be used for the process.

For software, developers can create a portable and secured application which contains info cards, digital certificates , email certificates, Spl digital certificate that can be used for particular software download and USB so if any user copy the software to other USB drive then the old certificate will don't work fot that USB drive so by this we can create a solid security layer

19 votes
Vote
Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
aniruddhdodiya shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

5 comments

Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Close
Close
Submitting...
  • xster commented  ·   ·  Flag as inappropriate

    I think opt-in certificate+password option from OP would be interesting

  • Alois Hammer commented  ·   ·  Flag as inappropriate

    This really doesn't have anything to do with the OpenID specification itself that I'm aware of. It's implemented by OpenID providers-- or not.

  • AdminChris Messina (Admin, OpenID) commented  ·   ·  Flag as inappropriate

    @malcolmhathaway: I think convenience, utility and usability will accelerate the use of OpenID. Once that happens, additional security services will probably become more attractive.

  • malcolmhathaway commented  ·   ·  Flag as inappropriate

    I agree that a single place that stores many passwords should have greater security than a email and password. The potential security loss of data of having access to all of my accounts from one place worries me. So I would propose that the login to openid uses one of the many different solutions that are available on the market now for more secure authentication, such as something like www.safelogin.co.uk that is one of the image password solutions. There are other alternatives to user name and password available and maybe this 'extra' level of security would accelerate the use of openid?

Ideas

Feedback and Knowledge Base

(thinking…)