Sci/Tech Obama Administration Unveils Internet ID Plan

Lyerae

I keep popping up on this site from time to time.
Reaction score
105
The Commerce Dept. unveiled a plan Friday to create a national cyber-identity system that would give consumers who opt in a single secure password and identity for all their digital transactions.

The National Strategy for Trusted Identities in Cyberspace (NSTIC) will be a voluntary system designed to protect consumers from online fraud and identity theft -- which hit 8.1 million people last year, at a total cost of $27 billion. The problem: The current system of half-remembered passwords jotted down on post-it notes and based on pets and maiden names simply isn't good enough.

The "identity ecosystem" will create secure online IDs for Americans who elect to join the program, giving them a single credential -- such as a unique piece of software on a smart phone, a smart card, or a token that generates a one-time digital password -- which they can use to log on to a variety of websites.

More: http://www.foxnews.com/scitech/2011/04/15/obama-administration-unveils-internet-id-plan/

---

No.
 

Sevion

The DIY Ninja
Reaction score
424
Wow. This heinous crime has been uprooted...

:p

A single password is not very good...

You lose your password, you lose EVERYTHING.

Not a good idea with that IMHO.
 

phyrex1an

Staff Member and irregular helper
Reaction score
446
We have a similar system in Sweden, called BankId. It's run by a private company, owned in part by several different banks. The government license certain electronic signatures (so that they get the same legal binding as an analog signature) but otherwise they are a private entity.
I get a certification program from the BankId company and a certificate from my bank. The certificate is password protected and if I lose the password I can request a new certificate from my bank.

The only non theoretical problem so far is that the BankId client doesn't work on linux 64bit so I have to use a virtual machine just for the e-signatures. If you assume that we need a safe way to do (legally binding) signatures through the Internet this approach is about as good as you practically get. If you add a physical token instead of a file on the computer you have a pretty secure system.
 
General chit-chat
Help Users
  • No one is chatting at the moment.

      The Helper Discord

      Members online

      Affiliates

      Hive Workshop NUON Dome World Editor Tutorials

      Network Sponsors

      Apex Steel Pipe - Buys and sells Steel Pipe.
      Top