Drop MS Passport, advises Gartner
PrintWants 6-month freeze for bug-ridden sign-on system
Posted in Software, 23rd May 2003 08:32 GMT
Free whitepaper – PowerEdge M1000e, M600 and M605 spec sheet
The Gartner Group has advised customers to avoid Microsoft's Passport authentication system for at least six months. If businesses continue to use Passport, they should bolster their defences with "an additional, more secure form of identification for all issued Passport identities," says Gartner.
The advisory note was issued on May 15, and follows the revelation of a trivial backdoor in Passport. Earlier this month, a security researcher discovered that he could access 200 million accounts at will by inserting the string "emailpwdreset" into a URL.
But perhaps Gartner was stung more by Microsoft's complacent reaction to the backdoor, than by the technical incompetence itself.
""You live and learn. We will obviously take a hard look to make sure that if something is sent through the nonstandard channels, and it is real, we are all over it," is how Microsoft's Adam Sohn reacted to the news.
Microsoft faces a potential $2 trillion fine from the United States' Federal Trade Commission for the breach.
Gartner warns that the loss of confidence in authentication systems will affect rivals, too - a fair conclusion, we reckon. Although the major retailers are pushing hard for authentication systems, the public remains rightfully skeptical of systems that harvest our personal data and offer little in return. ®
Enabling The Agile Data Center
What Exchange can't do - and Dell can
Analyst Keynote: The Register Agile Data Center Summit
Analyst Keynote: The Register Agile Data Center Summit
Sun's surviving staff hit with 'motivation' missive
Ubuntu's Karmic Koala bares fangs at Windows 7
Change your views: OS X tags exploited
Sun preps cell-phone Java plan for netbooks