Attackers can use the "Covert Redirect" vulnerability in both open-source log-in systems to steal your data and redirect you to unsafe sites.
You don't have to be an online security expert to know that usernames and passwords are not cutting it. It's time to completely re-think how we manage our online identities.
Missing from its first months in beta, Mozilla's Persona Web site log-in system now adds Gmail to its list of sign-in credentials you can use.
An update to Mozilla's beta log-in system lays the groundwork for using preferred Web mail username and password to sign in on multiple sites.
When doing research or visiting a favorite Web site, keeping a few notes can always be handy.
Webware 100 winner: OpenID
The universal log-in standard hadn't come to Facebook sooner because of security and user experience concerns, a post on the social network's blog explained.
Larry Magid talks with Max Engel of the social network about the company's efforts to promote log-in identification cooperation among various sites.
We may not see OpenID coming to Facebook Connect anytime soon, but this is a big step for the social network that many open-standards advocates once wrote off for its walled-garden nature.
You own your identity. That's why we talk about identity theft: Identity is clearly personal, and it can be stolen from us. But it can also, in some cases, be legally taken. So who really owns your online identity? Your social network? Your reputation? We discuss with two experts: Dick Hardt, who worked on OpenID, and Peter Kazanjy of the reputation service Honestly.com.