I thought some people on here, especially being Linux users, would be interested in this. OpenID is starting to get to the point where there are a lot of sites using it for login; for example the LQ Wiki allows you to log in using your OpenID URL. It's handy to have one password that effectively unlocks all the services that you need online, but some people might want even more security. This week a company called TrustBearer Labs
released the first version of their
OpenID provider service which uses not a password but a "trusted device" like a smart card to sign you in to the service. We all know what big problems passwords can pose in terms of being stolen, guessed, forgotten, etc. So what's cool about this service is how it eliminates the necessity of using passwords for any web site that lets you log in with OpenID. But probably the best thing of all, at least for Linux users, is that it runs directly through the browser with a Firefox add-on. As a result, the only software you need on your computer is
PC/SC, a daemon used to access smart cards under Linux. Just "apt-get install pcscd". So, would you switch to using a smart card or USB token if you never had to remember another password to log in to an online service again?