Identification, authentication, and authorization are becoming increasing problems as the internet expands into every facet of our existence. The burden of attempting to maintain secure account credentials across a number of resources is a real challenge with a traditional username and
password combination. If the same password is used on multiple sites and that password is compromised then all sites using that password are also at risk. If a user maintains unique passwords on different sites then the burden of managing those passwords becomes a problem. Where are those passwords stored? Is that a secure location? Are passwords stored with some sort of encryption? This whitepaper will examine some of the problems associated with identification, authentication, and authorization and explore OAuth2 as a potential solution to this problem.
http://www.krowv.net/papers/DavidKrovich-OAuth2Whitepaper.pdf