OpenID is an service which allows users to log on to many different web sites using a single username / password. This eliminates the need to create and remember a strong username / password for each site. The assumption, of course, is you create a strong OpenID.Of course, if that information is lost or stolen, you're in big trouble. JanRain is "a recognized leader and primary catalyst driving the OpenID market forward," and they've created a second authentication layer for OpenID, using a callback service.
The CallVerifID service is described on the myOpenID site as follows:
CallVerifID is a free, phone-based two-factor system that eliminates the need for expensive tokens, card readers, and other devices. It works with any phone. To try it out, visit your Authentication Settings page and enable CallVerifID.According to the site, to authenticate, you simply answer the phone and press #.
CallVerifID uses PhoneFactor, a recognized leader in phone-based authentication services as their provider.
The only problem I could see for this is if you use your cell phone number (the most likely number as you can carry it around), and forget your phone at home, you're S.O.L.
However, it looks like (and I only tested it a couple of times) they use a consistent number to call your phone ... if this was always the case, and you have GrandCentral, you could set up GrandCentral to call multiple numbers for you, so you could be sure that leaving your cell phone at home doesn't leave you up a creek.
Still, even with that problem, CallVerifID sounds like, at least if you use OpenID, a great additional layer of security.
0 comments:
Post a Comment