http://blogs.divisibleprime.com/ronin/articles/2007/05/24/openid-for-every-estonian en-us 40 Stuff <p><a href="https://open.id.ee/about/english">Looks</a> like there&#8217;s going to be an OpenID for every Estonian. Cool.</p> <p>Simon Willison <a href="http://simonwillison.net/2007/May/24/openid/">asks</a> how Smart Cards help with Phishing. I believe it&#8217;s because they are a form of <a href="http://en.wikipedia.org/wiki/Strong_authentication">2FA</a> where only one of the 2 Factors is ever exposed and hence all the credentials can&#8217;t be phished. </p> <p>I&#8217;m not an expert though, and of course a quick google <a href="http://www.google.com/search?q=2%20factor%20authentication%20phishing">search</a> turns up some <a href="http://www.theregister.co.uk/2007/04/19/phishing_evades_two-factor_authentication/">examples</a> of 2FA being phished.</p> <p>btw, I first read this as &#8220;OpenID for all Etonians&#8221;, which I thought was kind of weird, but not totally out of the question.</p> Thu, 24 May 2007 22:10:00 +0100 urn:uuid:0611c8d5-925b-4d23-aa4c-427002dbda2b Kerry http://blogs.divisibleprime.com/ronin/articles/2007/05/24/openid-for-every-estonian Tech OpenID Identity identity openid security http://blogs.divisibleprime.com/ronin/articles/trackback/877 <p>You might be interested in my view on the subject <a href="http://martin.paljak.pri.ee/2007/05/25/openid-smart-cards-and-security-risks/" rel="nofollow">http://martin.paljak.pri.ee/2007/05/25/openid-smart-cards-and-security-risks/</a></p> Fri, 25 May 2007 09:12:30 +0100 urn:uuid:b4a9b02b-d7a4-498b-a9ac-68be2edeadee http://blogs.divisibleprime.com/ronin/articles/2007/05/24/openid-for-every-estonian#comment-19