Content-type: text/html Downes.ca ~ Stephen's Web ~ Why Federate?

Stephen Downes

Knowledge, Learning, Community

Tim Bray offers the argument to application developers in favour of employing 'federated identity', that is, using an identity provider such as Facebook, Google, Twitter or Microsoft (and as he says, there are many more, though we never seem to see them) instead of managing logons and storing passwords locally. The argument in favour is stated in a series of press reports about security breaches on various services. But are federated identities more secure? For one thing, all data managed by these identity providers is subject to routine collection and reading by the U.S. government's PRISM program. Moreover, you are storing your identity information with companies whose business model is in large part based on the sale of identity information to marketers and reserach firms. When I'm faced with a website or service that gives me no choice but to use Google or Facebook or Twitter to log in, I simply don't use that service. Something to think about.

an "Identity Provider" (IDP) like Facebook or Google or Microsoft or Twitter
an "Identity Provider" (IDP) like Facebook or Google or Microsoft or Twitter
an "Identity Provider" (IDP) like Facebook or Google or Microsoft or Twitter

Today: 0 Total: 81 [Direct link] [Share]

Image from the website


Stephen Downes Stephen Downes, Casselman, Canada
stephen@downes.ca

Copyright 2024
Last Updated: Nov 21, 2024 05:35 a.m.

Canadian Flag Creative Commons License.

Force:yes