« Introducing Kiran Dandekar | Main | Forward Looking Design Decisions »

The Identity Necklace

I often ask folks about the number of different user IDs and passwords they have for the various web sites they regularly visit. The answer is almost predictable -- more than 10 (always given with frown or an annoyed look). Some folks though sheepishly admit that while they have 10 different web sites they visit, they use the same password at all the sites. They also pull out their key ring and show me the 10+ loyalty card their grocery stores, pharmacy stores, gas stations gave them. Some are bitter about the hassle and the extra junk they need to carry with them. Some on the other hand don't mind the annoyance in carrying the cards around to be able to save cash on their next purchase!

While folks get discounts and real savings in the retail world, they are not saving any cash by using different usernames on the web. What surprises me is that most people take this in the stride and put up with the annoyance. The minor annoyance turns into a major hassle when the site policies change. Another common occurrence is when you forget the username or the password. The "remind me" button then becomes the most frequently used page on the web site. This multitude of usernames or credentials needed to access various web sites is a direct effect of how the web evolved in its early days. It was all about the particular site providing services to the users and there was not much incentive or need to think about the site as a part of the ecosystem. When you went to hotmail to get your free email, it was okay to sign up with a name that was available. But then came photo sharing sites, the bank(s), your utility companies, the baseball leagues web site, the on-line merchants who sold you books, clothes, electronics and pretty soon you had more logins than you care to remember. Sounds so web 1.0! Doesn't it? How long will users continue to get around with the shackles from the web 1.0 era ? Not for long would be my guess -- if there were a better alternative.

The explosion of the Web 2.0 world has exponentially increased the number of web sites. Increased is the sophistication of the services they provide and I notice a laser sharp focus in the definition of what the sites hope to provide. This has a direct impact on your userID necklace! What used to be 10-15 sites is quickly going to be
20+ different web sites you visit on a regular basis -- all with different policies, with different requirements for the length and content of your password.

Is there a solution here? This has been discussed before -- multiple times. Several solutions have been proposed, trialed and rejected. A solution that has a good chance of succeeding has to be simple -- simple enough for my grandmother to understand. In the past, some solutions have tried to do too much and that has not been well
received. It has to be light-weight and easy to implement so that developers are relieved of the tedium of the repetitive tasks they do today for every application they build. And last but not least, it needs to be open. I feel "open and simple wins".

Posted by on June 19, 2006 4:16 PM

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Search

Categories

Blog Tools | Blogosphere | DRM | Digital Movies DRM | | Feeds | Identity | Miscellaneous | PIP / SeatBelt | Ping | RailsConf | RailsConf2006 | RubyonRails | Tags | VeriSign |

Archives

Recent Posts

Google's Smart OpenID Move
DECE or the Digital Content Cloud: Last Chance for DRM.
The New Personal Identity Portal (PIP)
PiP and the "Fun" Test
Federation 2.0: In Search of a Switzerland for Identity Portability
Friend Connect or the Deportalization of Social Networks
The Business of Identity
Been a Busy Two Weeks!
Updating the PIP
Bringing Useful Scalable Security to OpenID

Comments

We encourage comments and look forward to hearing from you. Please note that VeriSign may, in our sole discretion, remove comments if they are off topic or inappropriate.
Powered by
Movable Type 4.21-en
Disclaimer: Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of VeriSign.

VeriSign Legal Notices

Read our Privacy Policy