I ran into this a while ago, and thought it was a wonderful discussion of how to go about designing a high quality authentication system.
As I’ve mentioned in the past, authentication is one of the hardest problems in security – authorization (AccessCheck) is relatively simple, but authentication is a nightmare.
This dialog, from MIT, discusses the issues that need to be considered while designing an authentication system, and the ramifications of not considering them. All-in-all, an excellent read.
On a personal note: Work’s getting very hectic, so the blog’s likely to go dark until sometime next week, sorry about that :(.