Tuesday, January 23rd, 2007
Matt Reider decided to write a password vault called LockBin.
What is it, and why is it different?
LockBin is an AJAX website built in PHP. It stores our passwords securely, and uses OpenID to do so. It is sort of funny to me that it uses OpenID, because the technology was never intended to be used in this way. But it serves as a good way of encrypting data because I can save unique encryption keys for each user, without storing their keys anywhere on my server. The encryption key is their OpenID, which is located elsewhere and verified using a neutral 3rd party.
Isn’t this risky?
This is a grand experiment about trust. Will people take a leap of faith and use a system like this? I am not sure that I would, but I am. But I trust it, because I built it. And if other people take that risk, it is likely that more will follow.
Posted by Dion Almaer at 9:28 am
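
As an added example (not LockBin's code and not part of the original post), here is the design described above in Python, assuming the vault key is derived with PBKDF2 from the OpenID identifier string and a salt stored with the record; the post does not say how LockBin actually derives its key. The function names, the sample identifier and the HMAC-based cipher (a standard-library stand-in for a real AEAD) are all hypothetical.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor


def derive_key(identifier: str, salt: bytes, passphrase: str = "") -> bytes:
    """With an empty passphrase, the only non-stored input is the OpenID URL."""
    material = identifier.encode() + b"\x00" + passphrase.encode()
    return hashlib.pbkdf2_hmac("sha256", material, salt, ITERATIONS)


def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode: a stdlib stand-in for a real AEAD cipher."""
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()


def open_sealed(key: bytes, blob: bytes):
    """Return the plaintext, or None if the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, expected):
        return None
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)


def demo() -> dict:
    """Constructed data: identifier, passphrase and vault entry are made up."""
    openid, salt = "https://alice.example.org/", os.urandom(16)  # salt sits in the DB row
    entry = b"imap.example.org: example-password"
    row_key = derive_key(openid, salt)  # recomputable from the DB row plus the URL
    return {
        "id_only": open_sealed(row_key, seal(derive_key(openid, salt), entry)),
        "with_secret": open_sealed(row_key, seal(derive_key(openid, salt, "held by user"), entry)),
    }
```

Under this assumption, the vault's confidentiality depends on the identifier URL staying unknown to whoever holds the stored rows; mixing in a value that only the user holds removes that dependency.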