If you're to create a Web 2.0 site today, what kind of authentication scheme will you use?
asked Sep 04 '10 at 01:14
Like many technical decisions, the answer is "It depends on the purpose."
If it's a relatively 'closed' site (e.g., a private forum, a company extranet, or a commercial banking site), then I'd use a private authentication scheme such as username+password (over HTTPS, obviously).
For sites that require stronger authentication (a sensitive company intranet, or high-finance banking site), I might consider augmenting this with a hardware dongle.
For public-access sites, such as this, and for commenting on articles/blog posts, etc., then I'll probably go for OpenID.
One exception to all the above—even if it's a relatively 'closed' or private site, but users will be expected to log in to multiple other, related sites, then I'd support and provide OpenID to allow the convenience of single sign-on or SSO.
For example: if I were to design a government Web site, where users are generally expected to be logging in to multiple government Web-based services all over, then I would support and provide an OpenID authentication scheme.
That is, if users register with one department's Web site, they should be able to login to other departments' Web sites using the OpenID provided for them. This will also make it easier to identify unique users throughout the entire system (which would otherwise be maddeningly difficult if users were required to register unique logins and passwords at each site).
answered Sep 04 '10 at 09:34
Alistair A. Israel
I'd use email and password. It stops most spam bots (as you need a valid email address to confirm). FB Connect, OpenID -I don't trust these, but you can use them - makes it easier for people to sign up. I still prefer email authentication afterwards. It's more "secure".
answered Sep 04 '10 at 06:26
Since you already mentioned your assumption of a public web site, I'd definitely suggest using authentication via social networks. Top reasons would be:
answered Sep 18 '10 at 16:14
Nikki Erwin Ramirez ♦♦