Cryptosmith

I’ve been trying to get these two to play nicely together for a while, and it looks as if Will Norris may have finally slain this here dragon. Will is the principal author of the WordPress OpenID plugin.

In an ideal world, people never, ever disclose passwords on unprotected Internet connections. In general this means the server has to provide SSL support. However, you can sort of sidestep the problem by using OpenID. It’s not perfect, but it addresses that particular vulnerability. (Revised 1/28) Continue Reading »

Posted under Security | 2 Comments »

Will Norris is working on a revision to OpenID for WordPress. This is good, and I have some observations and suggestions. At the moment the OpenID plugin works pretty well – I have separate logins delegated through domains I own. I routinely log in through OpenID for both routine and administrative activities. Continue Reading »

Posted under Security & WordPress | 2 Comments »

This is more of a reminder to myself – you can enable SSL on WordPress, but it’s essentially an undocumented feature. This afternoon all I could find was a forum posting on enabling SSL.

There doesn’t seem to be genuine documentation on it in the Codex, at least, not documentation that pops out when you do a search. Continue Reading »

Posted under Security & WordPress | No Comments »

Thanks to the help of Will Norris, one of the authors of the WordPress OpenID plugin, I’ve managed to get it to work. I will include some notes on using OpenID in a permanent page.

Posted under Security & WordPress | No Comments »