Wednesday, March 15, 2006

Usability Workshop Part 2

Part1

Back from break. We are in the Citigroup HQ on Long Island. Why did they build there? Well they have this amazing view of Manhattan. Reminds me of the story of Eton Hall, the 150 room Gothic pile built by one of the Dukes of Westminster. A visitor suggested he build a small cottage next to it and go live in that so he could look at his magnificent palace.

Just had the Google presentation, essentially why all the existing mechanisms are flawed, particularly when based on passwords due to the low entropy of passwords that people actually choose. The graph they show on the simplicity of passwords is scary. An even scarier graph would show how many people use the same simple password for more than one account.

I disagree with some of this analysis, static passwords are certainly vulnerable to a man in the middle dictonary attack but a dynamic password is not. If the dynamic password is bound to the domain using it the dictionary attack is no use to another party.

Static passwords are definitely bad juju. There may be no good way of fixing them that is compatible with the legacy infrastructure. If we get into the business of fixing the infrastructure why not just do the job properly with a technology such as infocard?

Now its Yahoo! Mostly concentrating on the type of thing that we would like the infrastructure to support.

World Savings Bank now giving the financial services provider point of view. The institutions are rushing to deploy two factor solutions but there are no standards in place.

A point I would like to raise here is the division of responsibilities. It is our responsibility as a standards org to define a secure protocol that enables the browser provider to deliver a secure, trustworthy user experience. It is the joint responsibility of the platform providers and the browser providers to fend off chrome attacks such as bogus status icons, address bars etc.

Another point that seems to be lost is the fact that we do not need the same level of security to protect a blog as we do to protect the ability to view a bank account as we do to transfer money out of that account, add a new payee etc.

No comments: