Publisher / Editor @ CloudAve and Enterprise Irregulars. Industry Observer, Blogger, Startup Advisor, Program Chair @ SVASE (Silicon Valley Association of Startup Entrepreneurs). In his "prior life" spent 15 years immersed in the business of Enterprise Software, at management positions with SAP, IBM, Deloitte, KPMG and the like.

5 responses to “The Password Conundrum”

  1. schultzter

    One thing I don’t do is reveal my solution on blog comments 🙂

    I wish more sites would consume OpenID (everyone wants to be a provider – no one wants to be a consumer). I’d probably still use more than one provider and for my most important “profiles” I’d still probably log in individually.

    But having maybe a dozen accounts would definitely encourage me to change my passwords more frequently than I do now.

  2. John Fontana

    In the spirit of disclosure, last month I joined PingIdentity as an industry evangelist. Ping develops Identity security and Internet SSO tools, but before that I was a high-tech reporter for 15 years, some of which was spent covering this space. On the enterprise side, companies that wish to solve these issues for their end-users and network admins should go down to the plumbing level with single sign-on tools, based on standards such as SAML, WS-Federation, or look at emerging user-centric protocols such as OpenID, OAuth and InfoCards that are now mostly pointed at consumers. SAML is pretty well understood and Ping has many customers relying on SAML-based connections, but overall all these tools are emerging as the next-generation wave of log-on techniques. The questions to ask revolve around authorization and levels of assurance, especially in the user-centric cases. There are still hurdles to cross but these technologies are certainly pointed toward solving user name and password issues.
    Here is a primer on SAML: (print) or (video)

  3. Zoli Erdos


    Thanks for the info. I don’t want to make this an enterprise contra consumer issue, but I think “consumers” (and that may very well include small businesses) that don’t have “IT support” are in the most imminent danger.