Benefits of certificates vs. username/password auth.

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
Axel
OpenVpn Newbie
Posts: 1
Joined: Tue Jan 18, 2011 10:36 am

Benefits of certificates vs. username/password auth.

Post by Axel » Tue Jan 18, 2011 10:51 am

Hello,

from a securtity perspective are there any drawbacks of using only username/password
authentication compared to certificates based authentication besides the fact that there
is some extra security because of the file based key?

If you know of any cryptography related drawbacks (like forward secrecy etc.), please tell.

Thanks for remarks and ideas.

Axel

User avatar
gladiatr72
Forum Team
Posts: 194
Joined: Mon Dec 13, 2010 3:51 pm
Location: Lawrence, KS

Re: Benefits of certificates vs. username/password auth.

Post by gladiatr72 » Tue Jan 25, 2011 4:48 pm

Hello,

Since no one else has taken the opportunity to respond, here's my take:

Probably. I am not a crypto person. There are numerous articles/documents/etc that discuss the mechanisms/philosophies/math/weaknesses/etc of SSL/TLS [handshaking|setup|use|etc]. I would direct you to google for those. When I reach the (actually important) cryptographic descriptions, my eyes glaze a bit and my brain inserts phraseology to the effect of "I am Thankful the Individuals that Grok the Calculus/statistics/etc Exist" until the document picks up on something that is absorbable by Merely Me.

Regardless, they are definitely worth a read to get a bit of a handle on how things like OpenVPN work cryptographically. Whether or not it sets you at ease is dependent on how paranoid you are.

Regards,
Stephen
[..]I used to think it was awful that life was so unfair. [...]Wouldn't it be much worse if life were fair, and all the terrible things that happen to us come because we actually deserve them? -Marcus Cole

Post Reply