Security Side Note

Security through insecurity?

A word of warning to anyone who, like us here at Snapped Shot, uses myOpenID to manage authentication across a multitude of websites. I started encountering strange error messages with the service yesterday, and while I thought it was strange, since I don't ever recall having problems with their service, I shrugged it off as potentially related to The Great Amazon Outage of 2011, and didn't think anything of it until later in the evening.

Upon digging into things further, I discovered—to my horror—that my account had simply disappeared without a trace! I had a moment of panic, as I tried to figure out how I could reconfigure all of the accounts I had already tied to myOpenID to use a new account, but on a fluke, I tried applying for an account using my previous myOpenID username and password.

It worked.

And I was able to use the account to sign into all of the services I had used previously.

That does raise an interesting point, though—which I think is worth bringing to your attention. If your OpenID provider deletes your account, whether by accident or by design, be aware that there's nothing stopping someone else from hijacking your Internet Passport, and using your previous credentials to cause mischief in your name all over the internet.

Hopefully, this is a security "feature" that will be corrected before too long. As someone who spends a bit of time in the computer security world, it's definitely not comforting to see this happen.
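The problem described above is what the OpenID 2.0 specification calls identifier recycling, and its answer (section 11.5.1) is for the provider to append a fresh URL fragment to the claimed identifier whenever a name is reassigned. The sketch below is an added example, not code from this post or from myOpenID, showing how a relying party's account lookup behaves when it keeps or drops that fragment. The class, the URLs, the fragment values and the account name are constructed for illustration, and the post does not say whether myOpenID issued fragments.

```python
from urllib.parse import urldefrag


class RelyingParty:
    """Toy relying-party account store keyed on the OpenID claimed identifier."""

    def __init__(self, keep_fragment):
        self.keep_fragment = keep_fragment
        self.accounts = {}

    def _key(self, claimed_id):
        # Dropping the fragment discards the only marker that separates
        # the previous owner of a recycled URL from the current one.
        return claimed_id if self.keep_fragment else urldefrag(claimed_id).url

    def link(self, claimed_id, local_user):
        self.accounts[self._key(claimed_id)] = local_user

    def login(self, claimed_id):
        """Return the linked local account, or None if the identifier is unknown."""
        return self.accounts.get(self._key(claimed_id))


# Constructed identifiers: same URL, asserted before and after re-registration.
ORIGINAL = "https://alice.openid-provider.example/#gen-1"
RECYCLED = "https://alice.openid-provider.example/#gen-2"
NO_FRAGMENT = "https://alice.openid-provider.example/"


def recycled_login(keep_fragment, before, after):
    """Link an account under `before`, then log in with `after`."""
    rp = RelyingParty(keep_fragment)
    rp.link(before, "local-account-17")
    return rp.login(after)


if __name__ == "__main__":
    # Fragment ignored: the new registrant inherits the old local account.
    print(recycled_login(False, ORIGINAL, RECYCLED))
    # Fragment kept: the recycled identifier is treated as a stranger.
    print(recycled_login(True, ORIGINAL, RECYCLED))
    # Provider issues no fragment: the relying party cannot tell them apart.
    print(recycled_login(True, NO_FRAGMENT, NO_FRAGMENT))
```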


