The idea of a direct login configuration database is raised quite
regularly on this group.
The convenience of having a central repository of up to date
configurations sounds really promising, but when you start looking
into the details a few concerns make the whole idea less than optimal.
- accessing a central configuration repository from within the
application will leak which sites you are accessing using a direct
login; probably not a big issue if this is a Google account, but I
think it would be very easy for anybody to list some sites you are not
willing to be related to, starting from bank accounts, in order to
avoid highly targeted phishing attacks.
- the internet is a huge place to classify, and it is also highly mutable.
Keeping a central repository of direct login configurations is going
to be a never-ending task. And even if you would start it, a manual
configuration gathering should always be necessary for all the sites
that have not been included yet. All these options would make the
process of configuring a direct login much more complex (given all the
possible paths that should be managed) to implement, to describe, and
possibly to use too.
For these reasons, each time we have looked into how to simplify the
configuration of the direct logins, we have settled for the current
solution. We are planning to streamline the interaction during the
creation of a direct login, but leaving the process mostly unchanged.
I hope you could agree with our vision on this subject.
Best regards,
Giulio Cesare