<p>I've actually done this (set up my own server using phpMyID). It's very easy and works quite well. One thing that annoys me to no end is the use of HTML redirects instead of HTTP. I changed that manually, based on some information gotten in the <a href="https://www.siege.org/forum/viewforum.php?id=8" rel="noreferrer">phpMyID forum</a>.</p>
<p>However, I have switched to <a href="https://www.myopenid.com/" rel="noreferrer">myOpenId</a> in the meantime. Rolling your own provider is fun and games but <em>it just isn't secure</em>! There are two issues:</p>
<ul>
<li>More generally, you have to act on faith. phpMyID is great but it's developed in someone's spare time. There could be many undetected security holes in it – and there have been some, in the past. While this of course applies to all security-related software, I believe the problem is potentially more severe with software developed in spare time, especially since the code is far from perfect in my humble opinion.</li>
<li>Secondly, OpenID is highly susceptible to screen scraping and mock interfaces. It's just too easy for an attacker to emulate the phpMyID interface to obtain your credentials for another site. myOpenId offers two very important solutions to the problem.
<ul>
<li>The first is its use of a cookie-stored picture that is embedded in the login page. If anyone screen-scrapes the myOpenId login page, this picture will be missing and the fake can easily be identified.</li>
<li>Secondly, myOpenId supports sign-in using strongly signed certificates that can be installed in the web browser.</li>
</ul></li>
</ul>
<p>I still have phpMyID set up as an alternative provider using <a href="http://yadis.org/wiki/Main_Page" rel="noreferrer">Yadis</a> but I wouldn't use it as a login on sites that I don't trust.</p>
<p>In any case, read Sam Ruby's <a href="http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers" rel="noreferrer">tutorial</a>!</p>
 
