Single Sign-On Nirvana
How many Web sites or services have you signed up for, only to forget your user
name or password? Here's the problem: You try to register, but the user name
you want is taken, so you add a bunch of random numbers to the end of your name
(say, dbarney8256). And even though nothing special is happening on the site,
the security gods who run it demand a complex password (say dBarn&y8256H20).
Got those committed to memory? I thought not. Use the Web long enough, and
you end up with dozens of these non-intuitive user names and unintelligible
passwords.
Single sign-on is one answer, and within high-end corporate environments, single
sign-on often gets you access to wide range of corporate info. But it does nothing
to help you remember the sign-on to your (my) favorite motorcycle forums.
A bunch of companies that don't particularly like each other have
agreed to help. Google, IBM, Microsoft, VeriSign and Yahoo are all members
of the OpenID Foundation, which hopes to offer one user name and one password
that gets you onto all of your favorite registered sites. Just make sure you
keep that info very, very safe!
Microsoft had a decent approach to this. It was called Passport. Unfortunately,
not enough sites backed it and Passport is now largely used to access Microsoft-only
content.
Posted by Doug Barney on February 11, 2008