Re: WHY USING FACEBOOK, GOOGLE, AND TWITTER TO LOG INTO APPS IS A PROBLEM from Melvin Carvalho on 2015-06-17 (public-credentials@w3.org from June 2015)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Wed, 17 Jun 2015 16:16:18 +0200
To: Eric Korb <eric.korb@accreditrust.com>
Cc: Credentials Community Group <public-credentials@w3.org>
Message-ID: <CAKaEYh+VB-ib-t-57E0isMCJgToJDj6jq5i398DP8Y0pHtkRpQ@mail.gmail.com>

On 17 June 2015 at 14:23, Eric Korb <eric.korb@accreditrust.com> wrote:

> Interesting article.
>
>
> http://www.fastcompany.com/3044280/one-more-thing/the-ghosts-of-app-permissions-past
>

Yep, it used to be even worse.  They used to phish your password:

http://microformats.org/wiki/social-network-anti-patterns

Mozilla persona still does this.

I prefer to keep credentials in the browser.  This can be done today with
X.509 or the web crypto API.

>
> ----------------------------------
> Eric Korb, President/CEO - accreditrust.com <https://www.accreditrust.com>
>
>

Received on Wednesday, 17 June 2015 14:16:47 UTC