Questions tagged [identity]

Identity is the property of an object which allows it to be uniquely specified.

Identity allows you to specify a specific object or individual out of a group of objects or individuals.

For example: If Ann asks Bob to move a rock, she may specify the specific rock from rocks in the general area by:

pointing her finger at the rock
describing the rock's size, shape and color
giving map coordinates of the intended rock.

For people an ambiguous specification is a person's name which may not be unique. There may be more than one Ann or even more than one Ann Baker. For computer systems individuals are usually give a unique username, so that the use of a username is unambiguous.

232 questions

votes

1 answer

Deal with number changes in a phone number based authentication/login system

Twitter Digits (https://get.fabric.io/digits) provides an authentication/login system based on phone numbers for mobile apps, and several other mobile apps (e.g. Square Cash, https://squareup.com/help/us/en/article/5187-about-square-cash) has the…

asked May 02 '15 at 22:22

MLister

votes

2 answers

Single vs multiple personas? What are the security implications?

I have two email addresses, one for work and one for home. I have have two cellphone numbers, one for work and one for home. But I am just one individual (and only have one social security number which is something it would be inappropriate to have…

privacy identity

asked Dec 14 '12 at 02:11

Duncan

votes

1 answer

UPS my choice -- How can I access my public records?

I was signing up for UPS my choice and they asked me some security questions. It asked me questions that signified that it was able to figure out: Who my father is and when my father was born. My past addresses. What year I graduated high…

identity

asked Nov 07 '12 at 21:22

user606723

votes

1 answer

Is there any privacy- or security-relevant difference between FIDO2 and SQRL

I just learned about FIDO2 (WebAuthn) and try to make a comparison to the lesser-known novel SQRL authentication scheme. Both seem to use the same key elements: a private, user-resident "master key" thus not relying on a 3rd party like OAuth. a…

authentication privacy identity fido2 sqrl

asked Aug 22 '19 at 11:17

Marcel

3,494
1
18
35

votes

4 answers

How to verify personal information (identity)?

I've been trying to find this information but all I can find are answers saying to use a credit card for verification, not real answers. I am trying to figure out how/where companies get information to ask you to verify you have not stolen someone's…

identity identity-theft

asked Jun 25 '16 at 01:33

FrostyFire

votes

1 answer

Can windows domains be faked?

Without the equipment and software (and knowledge yet) readily available to test myself, I've been wondering about the relationship between computers and domains in a Windows environment. Some information is available in answers like…

windows identity domain-controller

asked Feb 27 '16 at 12:14

Oskar Lindberg

votes

1 answer

Why should I trust a JSON Web Token (JWT)?

In the SAML and Kerberos authentication models, there is an explicit understanding of what authority has authenticated the user and issued the credential to be trusted by downstream systems. For purposes of identity propagation, the rights of the…

identity saml kerberos identity-management jwt

asked Oct 12 '15 at 15:33

JaimeCastells

1,156
1
9
16

votes

1 answer

Does the modulus of a TLS certificate uniquely identify the client?

I'm working on a project using a trusted-peer setup. I want a way to uniquely identify each actor in the system, ideally across certificate re-issues as well. In my understanding, the modulus of a TLS cert uniquely identifies the client, and should…

tls identity

asked Jul 09 '15 at 13:38

Ryan Kennedy

votes

1 answer

SAML Assertion to Windows Identity (Kerberos token?) transformation

This is the scenario I need to cover: A WebService that trusts on an IdP using Ws-Trust or any thing like that, receives a SAML token to authenticate the user, and we need to call some SQL Server or any kind of service that uses windows integrated…

identity kerberos saml adfs

asked Jan 27 '15 at 20:47

Matt

votes

2 answers

Appropriate response to 2014 Russian Security Breach (CyberVor)

The report from Hold Security says that 1.2 billion sets of credentials are in the possession of this party. I have a feeling that this report may be a hoax or a partial hoax due to grammatical errors ("while we getting our full service ready") and…

passwords incident-response identity credentials

asked Aug 06 '14 at 06:39

Jay

votes

1 answer

Are there risks of using the same OpenID provider for sites with different security levels?

I always use the same OpenID provider (Google, with a strong unique pw and 2-factor auth) in every site that supports it, without thinking twice. It's my understanding that, as long as the provider is safe, it doesn't matter if one or more of these…

authentication identity openid identity-management

asked Feb 22 '13 at 00:14

mgibsonbr

2,905
2
20
35

votes

1 answer

Should or shouldn't I show a serial number, MAC address and other product ID when I sell it online?

I want to sell online some of the electronic stuff that I don't need anymore, such as my ASUS Wi-Fi router, and I'm wondering when I upload photos of it should I leave its serial number, MAC address, and pin code written on the back of the device…

identity mac-address serial

asked Dec 07 '20 at 10:09

Trueman

votes

2 answers

Can name and date of birth be hashed somehow to generate a secure identifier?

I'm working on a project which we intend to launch for developing countries, and, as a result, want to limit the amount of information needed for login and identification, while still maintaining individual privacy and security. Speaking to the…

encryption cryptography hash privacy identity

asked Apr 13 '20 at 23:40

Yakko Majuri

votes

1 answer

Why would a stranger keep signing up to trading sites with my email address?

I have read the answer below and understand that there is not much I can do about the basic problem of somebody signing up for newsletters and online services using my email address: Someone used my email address in order to access an online…

identity identity-theft

asked Jan 21 '18 at 22:37

JamesG

votes

1 answer

Can a Bitcoin Seller steal my Identity?

I was trying to buy some bitcoins on https://localbitcoins.com. However, the seller was looking for a copy of my ID and a photo of my debit card (long number covered). I'm curious as to how open this would leave me to some kind of identity fraud? …

identity banks identity-theft

asked Aug 31 '17 at 16:37

Rob

Prev 1 2 3

…

15 16 Next