Educause Security Discussion mailing list archives
Re: Passwords and Secure SSO
From: Cal Frye <cjf () CALFRYE COM>
Date: Tue, 21 Dec 2004 08:40:46 -0500
Sounds machine-specific. So when the user goes out to an Internet cafe somewhere he suddenly can't login to his Amazon.com account? Or do I misunderstand... --Cal Frye, Network Administrator, Oberlin College www.ouuf.org, www.calfrye.com "There is a whole world which I alone rule, but it ends at my fingertips." -- Ashleigh Brilliant (c) 1981. Kay Sommers wrote:
Secure passwords continue to a challenge. Has anybody looked at using PasswordScrambler as an approach to secure SSO? PasswordScrambler is a bookmarklet or chunk of Java code wired to a button on the browser's linkbar. It is activated when the user is on a page that's displaying a password field. The script prompts for a master pass phrase and then combines it with the domain name of the site being visited, hashes the combination to produce a scrambled string and puts that into the password field. The user can use the same master pass phrase on a different site and it produces a different password. It uses nothing but local JavaScript code. So the user only has to remember one secret, derives many storng passwords from it and never stores or transmits the secret. PasswordScrambler is supported in IE and Firefox and is free: http://www.onepassword.com/1p/default.aspx ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Passwords and Secure SSO Kay Sommers (Dec 20)
- <Possible follow-ups>
- Re: Passwords and Secure SSO Eric Pancer (Dec 20)
- Re: Passwords and Secure SSO Eric Pancer (Dec 20)
- Re: Passwords and Secure SSO Gary Dobbins (Dec 21)
- Re: Passwords and Secure SSO Cal Frye (Dec 21)
- Re: Passwords and Secure SSO Alan Amesbury (Dec 21)