Understood, but you're use case #1

IWETHEY v. 0.3.0 | TODO

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #185,666

Picture of FuManChu

11/30/04 10:29:59 PM

Understood, but you're use case #1

I don't have your IWE experience, so your answers would help design the "casual" system. But, it sounds like you're still one design level up from that--still trying to determine market foci. I do think you're going to find different styles for different markets (it's a Prego problem: [link|http://www.gladwell.com/2004/2004_09_06_a_ketchup.html|http://www.gladwell....06_a_ketchup.html]), but short of a major research investment, I'm not sure how far you'll get determining those. The stickier issue is that authentication systems tend to be tightly integrated into applications, so an "administrative setting" will be tough. It might be best to just make your auth system as pluggable as possible and wait for requests from deployers.

Anyway, here's my best guess on where those segments would center and their requirements:

1. Relaxed: Adding an account is very easy, 1 step if possible, but keep the spam low through restrictions (quotas, IP address auditing). Forgotten passwords are emailed in plain text.

2. Strict: Adding accounts is two-factor, multiple steps (I've used folkert's email-a-URL before and it works well). Changing your pw if you already know it is easy. If you don't, resetting it should be subject to the _same_ auth process as creating it (need an email or IP or ..? in addition to name). In other words, if you're going to make resetting tough, make account creation equally tough.

3. Corporate: Restricted set of users; accounts are hard to get and not administered via the web. Make IIS or PAM handle it for the first release, then add your own later on if needed. All auth traffic is out-of-band.

4. Paranoid: Private keys. :)

Post #185,667

11/30/04 10:40:15 PM

I can do private keys...

I keep them on a 32MB Thumb.

--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ i_wethey

No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]
Here is an example: [link|http://www.greymagic.com/security/advisories/gm001-ie/|Executing arbitrary commands without Active Scripting or ActiveX when using Windows]

zIWT meta: Which is better: - (admin) - (66) - Nov. 30, 2004, 09:02:55 PM EST

3) -NT - (mmoffitt) - Nov. 30, 2004, 02:43:44 PM EST

1) - (jb4) - (3) - Nov. 30, 2004, 02:50:26 PM EST

Not for long, at least... -NT - (admin) - (2) - Nov. 30, 2004, 02:51:30 PM EST

Is that a threat?!? -NT - (jb4) - (1) - Nov. 30, 2004, 05:27:37 PM EST

You should know by now... - (admin) - Nov. 30, 2004, 05:31:06 PM EST

3, with verification - (Arkadiy) - (29) - Nov. 30, 2004, 02:52:40 PM EST

Seconded. -NT - (Yendor) - Nov. 30, 2004, 02:54:26 PM EST

NO - (FuManChu) - (27) - Nov. 30, 2004, 02:57:04 PM EST

Er, buh? - (admin) - (3) - Nov. 30, 2004, 02:58:41 PM EST

That's enough of a detriment not to warrant the risk IMO -NT - (FuManChu) - (2) - Nov. 30, 2004, 04:13:16 PM EST

? -NT - (admin) - (1) - Nov. 30, 2004, 04:16:38 PM EST

?? -NT - (drewk) - Nov. 30, 2004, 05:46:20 PM EST

Yeah - (Yendor) - (11) - Nov. 30, 2004, 03:01:36 PM EST

How is that insecure? - (FuManChu) - (2) - Nov. 30, 2004, 04:17:29 PM EST

You're unclear on this. - (admin) - (1) - Nov. 30, 2004, 04:18:26 PM EST

See below. -NT - (FuManChu) - Nov. 30, 2004, 04:22:21 PM EST

You only need one field labeled "Hint" - (tuberculosis) - (7) - Aug. 21, 2007, 06:13:52 AM EDT

Sure... - (Yendor) - (6) - Dec. 1, 2004, 02:06:55 PM EST

Bah. - (admin) - Dec. 1, 2004, 02:10:59 PM EST

Not quite - (FuManChu) - (4) - Dec. 1, 2004, 04:35:59 PM EST

And my point is... - (Yendor) - (3) - Dec. 1, 2004, 08:03:26 PM EST

I have a standard formula I use for passwords. - (folkert) - (2) - Dec. 1, 2004, 10:20:06 PM EST

I also have a standard formula - (daemon) - (1) - Dec. 1, 2004, 10:40:44 PM EST

Ding, Ding, Ding. - (folkert) - Dec. 1, 2004, 11:06:54 PM EST

It's only insecure if the user is allowed to proceed - (imric) - (10) - Nov. 30, 2004, 03:13:54 PM EST

Bah. Risk is the issue. - (FuManChu) - (9) - Nov. 30, 2004, 04:22:03 PM EST

So what's YOUR suggestion? -NT - (admin) - (4) - Nov. 30, 2004, 04:23:51 PM EST

Unfortunately for you #1 ;) - (FuManChu) - (3) - Nov. 30, 2004, 04:39:05 PM EST

WTF? - (admin) - (2) - Nov. 30, 2004, 04:41:00 PM EST

Sorry. You're right. I didn't read carefully. - (FuManChu) - (1) - Nov. 30, 2004, 04:44:04 PM EST

So how does that change your answer? - (admin) - Nov. 30, 2004, 04:48:36 PM EST

Same risk than we have now during login. - (imric) - (2) - Nov. 30, 2004, 04:30:48 PM EST

Same outcome, different risk--the attack surface has doubled -NT - (FuManChu) - Nov. 30, 2004, 04:37:17 PM EST

Not mine. - (CRConrad) - Dec. 1, 2004, 02:33:03 AM EST

Can we please weight the risks - (Arkadiy) - Dec. 1, 2004, 02:04:43 PM EST

3) with some safeguards? - (Another Scott) - Nov. 30, 2004, 02:55:35 PM EST

4) WikiWay: everything wide open ... muuuaaaahahahahahaha -NT - (drewk) - (1) - Nov. 30, 2004, 03:29:24 PM EST

Shaddap wid' yer shaddin' ap... -NT - (admin) - Nov. 30, 2004, 03:30:31 PM EST

3 with a "what is your dog's name?" thingie -NT - (Silverlock) - Nov. 30, 2004, 03:44:54 PM EST

I'll join Ark, Scott(2), Don(Silverback), and YendorMike: 3+ - (CRConrad) - (2) - Nov. 30, 2004, 04:07:55 PM EST

<raises hand> on that last bit. :-) -NT - (Another Scott) - Nov. 30, 2004, 04:12:16 PM EST

Aye - 3) with - (imric) - Nov. 30, 2004, 04:24:18 PM EST

Another few options: - (admin) - (9) - Nov. 30, 2004, 04:50:29 PM EST

I'd rather not vote on solutions until we discuss risks - (FuManChu) - (8) - Nov. 30, 2004, 05:43:54 PM EST

Re: I'd rather not vote on solutions until we discuss risks - (admin) - (7) - Nov. 30, 2004, 05:53:17 PM EST

Okay, start with costs of current proposals - (FuManChu) - (3) - Nov. 30, 2004, 07:39:31 PM EST

Missed the point. :-) - (admin) - (2) - Nov. 30, 2004, 08:53:54 PM EST

Understood, but you're use case #1 - (FuManChu) - (1) - Nov. 30, 2004, 10:29:59 PM EST

I can do private keys... - (folkert) - Nov. 30, 2004, 10:40:15 PM EST

What do you want the software to do? - (Another Scott) - (2) - Nov. 30, 2004, 09:10:22 PM EST

Nope, wrong - (drewk) - (1) - Nov. 30, 2004, 09:35:34 PM EST

Yes, a *good* challenge question would be needed. - (Another Scott) - Nov. 30, 2004, 11:26:03 PM EST

how about 4, the way we do it now - (daemon) - (3) - Nov. 30, 2004, 05:18:15 PM EST

Which is? - (Another Scott) - Nov. 30, 2004, 05:21:17 PM EST

And what would that be? - (admin) - (1) - Nov. 30, 2004, 05:21:46 PM EST

the way it works now - (daemon) - Nov. 30, 2004, 05:34:53 PM EST

How about 5... - (jb4) - Nov. 30, 2004, 05:32:45 PM EST

16) Storing them encrypted with a "reset my password" featur - (folkert) - Nov. 30, 2004, 06:38:09 PM EST

A variation on 2) - (altmann) - Nov. 30, 2004, 07:36:03 PM EST

3), with a question 1st. -NT - (broomberg) - Nov. 30, 2004, 08:03:43 PM EST

3 with a proviso - (ChrisR) - (1) - Nov. 30, 2004, 08:23:21 PM EST

I like that! -NT - (Arkadiy) - Dec. 1, 2004, 02:10:44 PM EST

3. Puts the onus of keeping valid email address on user. -NT - (a6l6e6x) - Nov. 30, 2004, 09:08:12 PM EST

3 -NT - (pwhysall) - Dec. 1, 2004, 07:52:52 AM EST

6. - (static) - Dec. 5, 2004, 08:45:34 PM EST

"zIWT meta: Which is better:" Voting/Ratification (new thread) - (folkert) - Dec. 5, 2004, 09:59:30 PM EST

In conclusion, lithium in the water supply.
83 ms