Re: 'Corporate login' for a customer to a website

On Wed, 11 Jul 2007 22:26:56 +1000, Ken Schaefer wrote:

The only real way to have secure authentication is to have a shared secret
that both the client, and you, share. That can either be a password, or a
client certificate, or some kind of federated identity/SSO system (e.g.
provided by ADFS).


Thanks Ken

My understanding is that a client certificate is unique per workstation -
isn't that going to be large overhead on management?