You should only have to log on once. It’s insecure and awkward to have to log on separately to every different website you visit. Personally, I probably have 10 or 20 different sites that I’ve set up usernames and passwords with and it’s a real pain to keep track of. As Jon Udell points out in his screencast (flash required), if you use the same password on all the sites you visit, and one of them gets compromised, then you’re in big trouble, because your whole identity can then easily be hacked.
This problem affects nearly every Internet user I know. It’s a really big problem, and no one is taking it seriously enough. There are a couple of solutions, but none of them is quite satisfactory just yet.
Jon Udell’s screencast suggests one way of dealing with the problem. It’s pretty good, but it’s just a hack, not a solution. Some sites have more than one domain name. You may have to have different usernames on different sites, if your preferred username has already been taken. It’s still quite clunky to use, especially if you are away from your own computer, because the solution involves making minor modifications to your browser.
It isn’t really ‘single-sign-on’ as Jon Udell claims. Single sign-on is when you log on once for your whole web browsing session, and are then automatically authenticated as appropriate. That isn’t what this solution does. It’s basically just a password-management scheme (although I have to say, it’s a pretty good one).
So what’s the solution? Well, I think there have to be a few ‘prongs’ to the attack:
1. We need something like Sxip. Sxip is a system for managing decentralized identities. It’s a set of standards, together with a centralized infrastructure. However, Sxip appears to me, from the presentation I have seen, to have problems. It’s just too centralized, and it would be better to put the ‘home site’ information into the domain name system, rather than into a new type of server. From what I’ve seen, there are also serious business planning issues for Sxip – how can Sxip attract the right sort of sites into the system in order to make the system fly? Still, it’s a good idea and Dick Hardt has thought harder about these problems than anyone.
2. We need to sort out the browser. The browser should hold the smarts to manage authentication and privacy. That means that when a website requires authentication, the browser should be able to check with the user to get the go-ahead before providing identifying information. This used to be very difficult, because the Big Boys controlled the browsers. As Udell’s solution demonstrates, the advent of Mozilla and Greasemonkey makes it much easier to add new functionality to desktop software.
3. We must not sacrifice the privacy and dignity of website visitors in order to allow identity management and authentication (which is basically what Microsoft’s Passport does).
4. The standards we come up with should be open, in the sense that it should be easy to bolt new things onto identities. For example, it should be possible for an identity to be ‘endorsed’ by another identity – for example, the Bank of Ireland could endorse my identity, to provide an assurance that I am who I say I am. To bring things further, it could provide an endorsement to the effect that I am good for my debts.
5. It should also be open in the sense that anyone, no matter how disreputable, can establish themselves in the system without undermining the system as a whole. (Of course, such people will have difficulty attracting users and endorsements.)
There’s a lot of theory, and a lot of technology involved, but at the core, the important thing is that website visitors shouldn’t have to think so much about authentication and identity. They should only have to log on once.
Justin Mason, author of SpamAssassin, writes about the nuts and bolts of integrating with Flickr to share one aspect of identity, the groups they belong to.
My own tiny contribution to the literature, widely pilloried.