Is there any reason why Clickpass is _better_ than the solution of choosing a base password and then simply modifying that based on the websites I visit?
For example, "computer" is my base password, and for [f]aceboo[k] it would be "computer-fk". This isn't how I do it, of course, but it's a similar process that only requires me to memorize one password and take 5 extra seconds to tack on any additional characters.
If someone can justify the number of privacy issues -- and let's be honest here, any determined and skilled hacker WILL compromise these high-value systems -- over my few extra seconds I will glady sign up for Clickpass.
Edit: And just to clarify, I'm not trying to knock Clickpass here, I'm seriously asking about what is the real benefit of this system over mine.
Hi Kirse, The value with Clickpass is not just in its privacy and security but how easy it makes it to sign up for a site.
We've found that most people don't want to have to use any password anywhere so we're concentrating on making sure they can get on with what they need to do without doing so and that doing that is easy for a site to support - Peter Nixey (Clickpass co-founder)
I kind of agree with you, I tried Clickpass for HN and it wouldn't log me in. I don't know if I fumbled something up during the registration, but I went back to having my browser remember my password.
Also, wasn't the original intention with open id to host it on your own server? (Edit: I'm not saying that hosting it on your own server is any better/ worse, I just wanted to clarify this.)
All things said, congrats to Clickpass, this is a big step.
I went to clickpass.com, selected "log in using my Google account", entered the password at the google page I was bounced to, and now see:
"Warning! This website is registered with Google to make authorization requests, but has not been configured to send requests securely. We recommend that you continue the process only if you trust the following destination"
Seems like if you're going to make a business out of this, splatting a big warning like that in front of your users may be something worth fixing.
For example, "computer" is my base password, and for [f]aceboo[k] it would be "computer-fk". This isn't how I do it, of course, but it's a similar process that only requires me to memorize one password and take 5 extra seconds to tack on any additional characters.
If someone can justify the number of privacy issues -- and let's be honest here, any determined and skilled hacker WILL compromise these high-value systems -- over my few extra seconds I will glady sign up for Clickpass.
Edit: And just to clarify, I'm not trying to knock Clickpass here, I'm seriously asking about what is the real benefit of this system over mine.