(#7) Web Security Tip: Passport security issues

Avi Rubin and Dave Kormann

This Web Security Tip analyzing Windows Passport security issues received a user rating of 4.60. Do you have a Windows security tip? Submit it to searchSecurity.

With the release of Windows XP

    Requires Free Membership to View

comes access to a new feature called Passport. Passport has been around since January 2000, but it is receiving more attention now that it is integrated with Windows XP and is related to Hailstorm. Passport is a single sign-on mechanism for e-commerce. Instead of e-commerce customers needing to create separate usernames and passwords for every e-commerce site they visit, they need only to authenticate with a single Passport server. Then through a series of authentications and encrypted cookie certificates, the user is able to purchase items at any participating e-commerce site.

This tip will summarize the risks of Passport so that you as a security expert will be informed enough to advise your customers.

Read the rest of this tip.

For more information on this topic, visit these other searchSecurity resources:
Best Web Links: Securing Microsoft applications
Best Web Links: Securing the Internet and e-commerce

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: