{"_id":"5a0b0d9b04d0d600269f137b","category":{"_id":"5a0b0d9b04d0d600269f1375","version":"5a0b0d9b04d0d600269f1373","project":"573c7e3b9eef3a0e00b51c58","__v":0,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2016-07-19T14:41:36.843Z","from_sync":false,"order":1,"slug":"integration-guide","title":"Integration Overview"},"parentDoc":null,"project":"573c7e3b9eef3a0e00b51c58","user":"573c7e0afe58321900f1b97d","version":{"_id":"5a0b0d9b04d0d600269f1373","project":"573c7e3b9eef3a0e00b51c58","__v":1,"createdAt":"2017-11-14T15:36:59.500Z","releaseDate":"2017-11-14T15:36:59.500Z","categories":["5a0b0d9b04d0d600269f1374","5a0b0d9b04d0d600269f1375","5a0b0d9b04d0d600269f1376","5a0b0d9b04d0d600269f1377","5a0b0d9b04d0d600269f1378"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"2.0.0","version":"2.0"},"githubsync":"","__v":0,"updates":[],"next":{"pages":[],"description":""},"createdAt":"2016-09-13T19:56:32.399Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":1,"body":"There are a number of approaches, ranging from mandating Privakey while doing away with passwords to allowing Users to optionally enable Privakey.  Each approach has implications on the overall security, ease of adoption and scope of implementation. \n\nDepending on the current authentication constraints of your service, the security needs of your application and your user’s appetite for change, you will need to determine the most appropriate approach.  The matrix below represents a summary assessment of the security / ease of use of a number of different options.  \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/a305723-Relying_Party_Implementation_v1_1_Formatted_1.jpg\",\n        \"Relying_Party_Implementation_v1_1_Formatted_1.jpg\",\n        491,\n        229,\n        \"#e9e8e9\"\n      ]\n    }\n  ]\n}\n[/block]","excerpt":"There are a number of approaches, ranging from mandating Privakey while doing away with passwords to allowing Users to optionally enable Privakey.  Each approach has implications on the overall security, ease of adoption and scope of implementation.","slug":"mandatory-or-optional-what-about-user-name-and-password","type":"basic","title":"Mandatory or Optional? What about User Name and Password?"}

Mandatory or Optional? What about User Name and Password?

There are a number of approaches, ranging from mandating Privakey while doing away with passwords to allowing Users to optionally enable Privakey. Each approach has implications on the overall security, ease of adoption and scope of implementation.

There are a number of approaches, ranging from mandating Privakey while doing away with passwords to allowing Users to optionally enable Privakey. Each approach has implications on the overall security, ease of adoption and scope of implementation. Depending on the current authentication constraints of your service, the security needs of your application and your user’s appetite for change, you will need to determine the most appropriate approach. The matrix below represents a summary assessment of the security / ease of use of a number of different options. [block:image] { "images": [ { "image": [ "https://files.readme.io/a305723-Relying_Party_Implementation_v1_1_Formatted_1.jpg", "Relying_Party_Implementation_v1_1_Formatted_1.jpg", 491, 229, "#e9e8e9" ] } ] } [/block]