Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Single sign on solutions don't work when some of the systems you sign on to are air-gapped and will never, ever, EVER be connected to any network. Other networks I access are completely separated from the greater internet. It would be useful, but single sign on would take my 25-30 passwords and shrink it to about 15.

Which would be useful but would still require me to keep track of them manually.



In those cases people should be using hardware authentication tokens. They're both more usable and more secure.


Try convincing the US government of that. I wish you luck (I really do). Trying to educate program security people on computers is one of the banes of my existence.


Plenty of parts of the US government do know. I've seen multiple DoD networks where hardware tokens are the required form of authentication.


So have I. CACs don't work on classified systems though.


https://en.wikipedia.org/wiki/Common_Access_Card


These don't work on all networks. Like classified networks.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: