Re: Smartcard and non-password methods (was Re: Password repository)

[Christopher Morrow <morrowc.lists () gmail com>]

On Sat, Nov 21, 2009 at 10:45 PM, Scott Howard <scott () doc net au> wrote:
> On Sat, Nov 21, 2009 at 6:38 AM, John Levine <johnl () iecc com> wrote:
>
> > > Are passwords still the only lowest-common-denominator?
> >
> > There's OpenID, where a provider can use any verification process it
> > wants, but all the OpenID providers I know use ordinary passwords.
>
> http://yubico.com/developers/openid/
>
> I'm currently trialing Yubico's for access to a number of Unix systems (via
> PAM), and they seem to work very well.  Haven't played around with the

+1 for yubico's simplicity to setup/use. They also support a 'run your
own auth server' model, so if you've got a closed system you don't
have to find a way to sneak out http/s links to yubico-land.

> OpenID support, so I can't comment on if/how well it works.

I have not used their openid support either... but it looks promising.

-Chris