Here is another way to avoid having an easily guessed password:
Passweird: Password Too Gross to Steal This website will create for you a password that is not only secure*, but is also so utterly repulsive that not even the most hardened criminal, identity thief, NSA agent, or jealous boyfriend would ever want to use it.
Welcome to 2014! Here is the news from the last of 2013:
Anil John: My 10 Most Popular Identity Related Blog Posts of 2013 For this blog post, my last one for this year, I went back and ran the analytics on which of my posts from 2013 you, dear reader, found interesting. Here are the top ten, in the order they were written. Thank you for your continued readership and comments, and I wish you and yours the best in the upcoming year!
Mike Jones: Public review of proposed Final OpenID Connect Specifications has begun I'm thrilled that OpenID Connect is significantly closer to being done today. Proposed final specifications were published yesterday and the 60 day public review period, which leads up to a membership vote to approve the specifications, began today. Unless recall-class issues are found during the review, this means we'll have final OpenID Connect specifications on Tuesday, February 25, 2014!
Nishant Kaushik: O SCIM, Where Art Thou? Connectors, more specifically provisioning connectors, have always been the bane of my career, and I'm sure I'm not alone in feeling this way. It really is what drives a lot of us in the identity management game to drink. I know it's what gives Frank V nightmares. Because each connector is a mini-product in itself - they have to be R&D'd individually, development doesn't scale, they're not sexy, they're not a competitive differentiator that helps you sell, they're resource hogs that have to be maintained and upgraded. And that's just from the vendor side. Building a bigger and better connector framework becomes our white whale, because connectors are always a moving target.
Nicole Perlroth, NYT: New Clef Plug-In Lets You Forget About Your Password The future will be passwordless. But for now, we have Clef. On Wednesday, Clef, a start-up in San Francisco, will unveil a new feature -- developed by a passionate, 21-year-old Clef user and a team of moonlighting developers -- that allows anyone using Google's Chrome Web browser on their desktop to log into any site, simply by pointing their phone at their computer.
Inventor of RSA's SecurID Wins Patent on New Cybersecurity System Kenneth P. Weiss, the entrepreneur who invented the computer password fobs that millions of people carry with them daily, told CIO Journal that he has received a patent on a next-generation cybersecurity system. Dr. Weiss said the new system combines three layers of security, making it almost impossible to defeat.
Paul Madsen: An IoT continuum Currently, the burden falls on us humans to 1) sense the world around us 2) analyze that sensory data & decide how to best deal with it 3) act on that world accordingly. The Internet of Things will change that - evolving from systems that help us with #1 to eventually helping us deal with #2 & #3.
Jamie Ryan, Layer 7: Snapchat Snafu! While Snapchat does not expose its API publicly, this API can easily be reverse engineered, documented and exploited. Such exploits were recently published by three students at Gibson Security and used by at least one hacker organization that collected the usernames and phone numbers of 4.6 million Snapchat users. Worse, the company has been aware of these weaknesses since August and has taken only cursory measures to curtail malicious activity.
David Alexander, Mydex: Do People Really Care about Personal Data? Last December, technical errors - tagging a photo and failing to understand Facebook's privacy settings - led to the public exposure of a private photograph. The photograph itself wasn't much - a kitchen full of family members gaping at their mobile phones. Nonetheless, its widespread publication caused distress to the owner of the picture and, in the way of the contemporary Internet, there was no way to call it back. The irony: the photograph belonged to Randi Zuckerberg, the sister of Facebook CEO Mark Zuckerberg, who told Techcrunch in 2010 that privacy is no longer a social norm.
Phil Hunt: Double-blind Identity On November 13 and 14, the Government of British Columbia, Canada, launched the first in a series of public consultations on identity and digital services. For several years now, BC has been working on a new identity services project that would enable citizens to securely access government services online. For BC, there is clear motivation: reducing identity management and fraud costs in everything from drivers licenses to health insurance. BC's hope is that this can play a role in helping provide better services down the road as well as improving the overall privacy of residents.
NSTIC Pilots in Motion - Jan. 30: This is a special event produced by Kantara and hosted at the Department of Commerce in Washington DC. The event is an industry day that will feature NSTIC pilots where Kantara is playing a role. Event space is limited. If you're interested to join us please send an inquiry to email@example.com.
HIMSS - Feb. 23-27: We're planning an amazing workshop for HIMSS 2014. The is the second year in a row Kantara will be hosting a workshop at HIMSS. This conference goes big and we love the theme: Innovation, Impact, Outcomes, Onward!
RSA - Feb. 24-28: RSA is always an amazing event. We have Kantara Members appearing on conference agenda topics and we're very happy to bring the next installment of "Non-Profits on the Loose."
EIC - May 12-16: The European Identity and Cloud Conference is an event we look forward to every year. We'll be hosting another workshop at EIC in 2014. We'll be presenting around IRM, UMA, Profiling of OpenID Connect & OAuth, and much more.