Basics of Digital Identity Revisited

Hitoshi Kokumai
Sep 9, 2022


Back To The Identity Basics: The Who, What, and How of It All

https://www.linkedin.com/pulse/back-identity-basics-who-what-how-all-hanno-ekdahl

This newsletter by Hanno Ekdahl drove me to revisit an earlier piece of writing published 19 months ago — “What We Know for Certain about Authentication Factors” https://www.linkedin.com/pulse/what-we-know-certain-authentication-factors-hitoshi-kokumai/

A: ‘Yes/No’ on feeding correct passwords/EPS and ‘Yes/No’ on presenting correct tokens are deterministic, whereas biometrics, which measures unpredictably variable body features of living animals in changing environments, is probabilistic.

B: It is practically impossible to compare the security of a strong or silly password with that of a poorly or wisely deployed physical token, even though both passwords and tokens are deterministic.

C: Direct comparison of something deterministic and something probabilistic would get us absolutely nowhere.

D: Deterministic authenticators can be used on their own, whereas a probabilistic authenticator would lose its availability when used on its own.

E: Deterministic authenticators can be used together in a security-enhancing ‘multi-layer’ deployment, whereas probabilistic authenticators can be used with another authenticator only in a security-lowering ‘multi-entrance’ deployment unless we can forget the availability.

F: Removal of the password brings a catastrophic loss of security. It also poses a grave threat to democracy.

G: A PIN belongs to the password family as a numbers-only password; displacing a password by a PIN is like displacing the ‘knife family’ by a ‘paper knife’.

H: Password/EPS, token and biometrics are ‘authenticators’, while two/multi-factor schemes, decentralized/distributed digital identity, single-sign-on schemes and password management tools are all ‘deployment of authenticators’; we would obtain nothing by comparing the former with the latter.
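
Points D and E can be made concrete with a small probability model of the ‘multi-layer’ (all must accept) and ‘multi-entrance’ (any one may accept) deployments. This is an added example, not code from the original post; it assumes the authenticators fail independently, that a deterministic authenticator never rejects its legitimate user, and the error rates are constructed for illustration.

```python
from dataclasses import dataclass
from math import prod

@dataclass(frozen=True)
class Authenticator:
    name: str
    false_accept: float   # chance an attacker gets past this authenticator
    false_reject: float   # chance the legitimate user is turned away

def multi_layer(*auths):
    """AND deployment: every authenticator must accept."""
    far = prod(a.false_accept for a in auths)
    frr = 1 - prod(1 - a.false_reject for a in auths)
    return Authenticator(" AND ".join(a.name for a in auths), far, frr)

def multi_entrance(*auths):
    """OR deployment: any single authenticator accepting is enough."""
    far = 1 - prod(1 - a.false_accept for a in auths)
    frr = prod(a.false_reject for a in auths)
    return Authenticator(" OR ".join(a.name for a in auths), far, frr)

# Constructed figures for illustration only, not measurements.
password = Authenticator("password", false_accept=1e-4, false_reject=0.0)
token = Authenticator("token", false_accept=1e-3, false_reject=0.0)
biometric = Authenticator("biometric", false_accept=1e-3, false_reject=0.02)

def report():
    rows = [password, biometric,
            multi_layer(password, token),          # two deterministic layers
            multi_layer(biometric, password),      # secure, but lockouts remain
            multi_entrance(biometric, password)]   # available, but weaker
    for r in rows:
        print(f"{r.name:24} attacker gets in: {r.false_accept:.2e}  "
              f"user locked out: {r.false_reject:.2e}")
    return rows

if __name__ == "__main__":
    report()
```

Under these assumptions the password fallback removes the biometric lockout, but the combined attacker success rate becomes higher than that of either authenticator alone, while the two deterministic layers multiply security with no availability cost.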

………………………………

It’s really sad that so many security professionals and big IT players still turn a blind eye to these basics of digital identity security.

Website — https://www.mnemonicidentitysolutions.com/

Digital identity blogs collected at https://www.linkedin.com/pulse/collection-digital-identity-comments-hitoshi-kokumai-posted-kokumai/


Written by Hitoshi Kokumai

Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.
