Some people are concerned on OpenID security and the possibility of phising. Some people are giving solutions to it, and while I?m not trying to be the one that’s not part of the solution, this is just crazy: http://blog.passfaces.com/?p=23
If you go there you can see that passfaces is trying to implement a security system based on our ability to recognize faces. While it might seem like a good idea at first, doesn’t seem to be if you take a closer look by using their demo. You have to be “trained” to recognize the faces, basically, see a photo several times and learn to find it among other photos of faces.
To ask people to “train” in order to be secure is by far more utopic than asking them to have secure passwords, change password every X months and to have different passwords for different site.
While passfaces might be a good idea, it is just not practical. I don’t think they will gain many users for the service.
