Comment Re:How does centralized login solve keylogging? (Score 2, Insightful) 127
And this solves the keylogger problem how?
It doesn't. You still have to authenticate at some point; at most, it reduces the opportunities for a keylogger to catch the password (if you only have to type it in every couple of weeks).
In exchange, it provides phishers with a dream environment. The only way to be certain you're actually connected to your authentication provider is to use SSL and make sure that you see the lock -- and if your security depends on Joe Random User doing that, you've already lost.
Shalon Wood