I've written several posts about security including identity management, role-based access control, and two factor authentication.
As we work to follow best practices, I'm always interested in learning about emerging technologies.
I was recently emailed about OneID as a means to secure identity using specifically registered devices. Here's a technology overview.
Here's the full story.
The bottom line is that by using digital certificates placed on your known devices, application passwords can be eliminated for those applications that can integrate with the OneID approach.
If a device is lost or stolen, it's easy to deactivate the device and remove all authentication.
The approach is resistant to phishing, keystroke loggers, and malware since nothing typed on the device is sufficient for authentication.
Device-based certificate management for easy authentication that eliminates many password management issues. That's cool