Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

January 27 2012

hdknr

Guide to Running a User Account System (Google)

Introduction: User Account Systems

The hack that makes Internet Identity possible

Which face are you presenting to the world?

Human -> Emails -> Local IDs -> Passwords

The Weakest link

So what happened in 2008?

Secure mashups

Chapter 1: Account Chooser

Requirements

The Account Chooser Experience

Central Account Chooser

Local Account Chooser

Local + Central

Email providers and Account Choosers

Passwords and Account Choosers

Chapter 2: Mobile/Desktop Apps

Chapter 3: What is an Identity Provider?

Chapter 4: Baby steps to passwordless login

Chapter 5: Identity Providers and Email Providers

Account Chooser without passwords

The Email Attribute

Full Rollout

Login with a button

Session Lifetime

Persistent or Session Cookies

Cookie lifetime

Single Sign Out

Chapter 6: Popular Identity Providers and Social Login

The good, the bad, and the ugly

Account Chooser and Popular Identity Providers

Login with a button

Account Linking Wizard

Chosen account has no IDP

IDPs that do not assert Email address

Per-RP IDs

Chapter 7: Consuming APIs

Chapter 8: Local Social Graph

Chapter 9: Certification of Providers

Chapter 10: Exposing APIs

Chapter 11: Relationship Managers

What are the advantages?

Examples

Chapter 12: Relationship Guides

Chapter 13: Identity Verification and Attribute Providers

Chapter 14: Stronger authentication for users

Phishing protection

Mixed Strong Authentication

Economics of consumer strong authentication

Chapter 15: Stronger authentication for robots

Robots and Dynamic Registration

Chapter 16: Conclusion

via docs.google.com

Posted via email from Notes for Digital Identities and Computing in the Cloud | Comment »