It's definitely not an easy problem. I hope I haven't come off as too harsh. Client certificates would be great. I think you write off the value of hardware tokens too quickly, but by all means, look at other ways. Auth is one of the first things any of us have to do when putting together a service. This is something a lot of us have studied for a long time. Welcome to the party :)
It's definitely not an easy problem. I hope I haven't come off as too harsh. Client certificates would be great. I think you write off the value of hardware tokens too quickly, but by all means, look at other ways. Auth is one of the first things any of us have to do when putting together a service. This is something a lot of us have studied for a long time. Welcome to the party :)