In the process of setting up my blog I quickly identified a major problem that would prevent people from leaving comments and interacting with my site: to prevent spammers from flodding my blog with Viagra ads I need to force people to register or re-type their name and email address whenever they want to participate.
This is a growing problem because many people like me participate in a ton of sites which have nothing to do with e-commerce, banking, or any other financial transaction. For most blogs and other content sites on the web I use the same ID and password over and over again. The alternative is that I use a different password for each one: an inconvenience I’m not willing to accept because my personal liability is pretty low if someone steals my Slashdot login ID.
This situation creates a number of problems. First, someone needs only to break into one site to steal my identity for every site. Second, people like me create a security risk for sites. If somebody guesses my password they have the opportunity to look for ways to exploit it across many different sites.
Wouldn’t it be great if we could just have one login id that works everywhere? A universal login id?
I started poking around to see if anyone was solving this problem. I found PrefPass, a Web 2.0 startup attempting to provide universal login using Widgets and gathering information of interest about users. Nice idea, but I’m looking for something much simpler.
I think the solution is emerging, and it represents what I believe will be one of the major trends of the Internet in the next few years. The Internet is quickly transforming from “web sites” to a collection of links and data modules that get shared by everyone. OpenId has the the potential to emerge as a solution for Universal Login and Identity. As reported in TechCrunch, this fledgling movement took a major step forward when Technorati announced they would support it. O’Reilly also had a good overview of it.
In coming posts I’ll discuss what I learn about OpenId and my experiences getting it running on my blog.
{ 1 trackback }
{ 2 comments }
I have a crazy idea: ask users for the id and password of their msn/gmail/yahoo/hotmail accounts, authenticate them with official servers, and swear you never store their passwords. Facebook is aleady doing it (for pulling all contacts of their users).
Hey Kevin, thanks for checking out PrefPass!
Our current widgets are really designed for sites that don’t have a login system, but we’re working hard on a new rev that’ll work with sites that do, like WordPress.
Our whole goal is to be the simplest way possible to let your users log in without yet another password. And we’ve got some cool stuff in the pipeline for OpenID that I think you’ll like (we’re huge fans). Stay tuned…
Comments on this entry are closed.