Washington, February 26 (ANI): A single-sign on system that enables web users to log in only once to access to a multitude of accounts has drawn renewed interest from researchers.
According to Suriadi, Information Security Institute, Queensland University of Technology, the Internet authentication system from the 1980s would require extreme privacy to avoid information spies and account hackers.
Suriadi explained: "Single-sign on systems are already being used by organisations. For example, a bank could link their Internet banking site to an online trading site, thus relieving users from having to perform an extra log in step.
"However, if one of the parties is compromised, for example by a virus, a 'denial of service' attack or insecure set-up, it puts all the user's linked accounts at risk."
Suriadi's study was based on a little-used "anonymous credential system" dating back to the 1980s.
He added: "Using this credential system, we could enhance the security and privacy of a single sign-on system. The system works by revealing as little information about who you are as necessary for logging into an account, therefore allowing you to remain anonymous.
"This way, a company wouldn't be able to track your shopping habits and target spam or marketing at you. This method could also confirm you are over 18 and not reveal your birthday." (ANI)