[Freedombox-discuss] Identity UI

simo idra at samba.org
Sat Jun 23 19:31:44 UTC 2012


On Sat, 2012-06-23 at 10:27 +0200, Michiel de Jong wrote: 
> On Sat, Jun 23, 2012 at 7:23 AM, Nick M. Daly <nick.m.daly at gmail.com> wrote:
> > So, identity is pretty fundamental to this project.  Without identity,
> > privacy is a meaningless concept.
> 
> good point!
> 
> > The FreedomBox identifies a person or
> > group of people through their keys.
> 
> IIUC, that seems to be design choice aimed at power users. You access
> your freedombox from either your laptop, or your phone, or an internet
> cafe, right? That means that you need to configure the key on your
> laptop, then configure it on your phone, and then export it onto a usb
> stick, then put the usb stick in your wallet, take it with you on
> holidays, not lose it, take it into the internet cafe, stick it into
> the computer there, and know how to use it to install use your key on
> this computer at the internet cafe.
> 
> actually, power users probably don't even use internet cafes. my point
> is, in general, people want the device they use to get to their
> freedombox, to be stateless. if there is a key involved, then that's
> not stateless. All people can remember is their email address and
> their password. Should we design for these people? Should we teach
> these people new behaviour?

You should probably at least think of using an OTP.
It is easily available, relatively easy to set up, and you can use it
with a softtoken on your laptop/phone.
Mere passwords are easier to steal.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>




More information about the Freedombox-discuss mailing list