Passwords should not be stored

[DustinVenegas]

I saw that the application is currently storing passwords in a database. To decrease our security concerns I would like to propose that we only use OpenId, OAuth, or similar 3rd party authentication services. This will ensure that in the event the database is compromised our users would have nothing to worry about.

This would require us to perform a one time "setup" where an administrator account is set via a one-time use page or via bootstrap scripts. After the database is bootstrapped this step would not need to be performed again.

Both authentication methods we're evaluating support 3rd party authentication.

[DustinVenegas]

@TheDahv, @smoak - I would like to hear your opinions on this. Regardless of which authentication module we use I strongly believe this should be the top consideration we have in mind. Since I'm already playing with the authentication modules, I can implement this sub-feature as well.

[TheDahv]

I originally wrote in the password login strategy to provide the freedom of choice. It is true that it does mitigate one vector of attack among many, but it also assumes all users want to use a 3rd-party authentication mechanism.

There are sites where I forgo using identity-providers (ahem, "facebook") because I don't want them all connected and I have the freedom to choose how I authenticate against that site.

So I vote for providing a securely implemented password option if that's how a user wants to authenticate.

[TheDahv]

Ok, I changed my mind about passwords.