David Haslam wrote: > Even without SSO, Firefox users could adopt automatic login for all > these services, and just maintain a strong master password on > Firefox.
Shell access? SVN access? These, at least, are not likely to be done from Firefox :) And the point is more that the user should not have to sign up N times, one per service, and then, every few months, change their password(s) in N different places to keep things secure. Even once per organization is "too many" for some folks these days, hence the rise of OpenID. But that's a whole different issue. > For web services not involving monetary transactions, this is probably a > good enough solution for many people, apart from anyone in a sensitive > country, or who regularly make use of computers in public locations. I'd say SSO is more about convenience then necessarily about security (although when you change your pws and forget one or two of the N places to change it, that becomes a security problem!). Personally, I deliberately do not keep any passwords in Firefox. For anything. On machines I use frequently, I turn that off in my FF profile, so that it never asks me about remembering them. I'm probably not an average user :) Jonathan _______________________________________________ sword-devel mailing list: sword-devel@crosswire.org http://www.crosswire.org/mailman/listinfo/sword-devel Instructions to unsubscribe/change your settings at above page
