How long will it be before we finally decide on a uniform security architecture that has protocols for exchanging Usernames and Passwords? About 5 years ago a friend of mine Michael Rowan, had a great idea caled eid.com (that was EId.com in the marketing). It was an idea similar to Microsofts Passport. You would sign up with them and you would create one username and password. Then commerce sites and general web applications would sign up to use this general authentication protocol so that you could log in once at eid.com and be logged into all of your applications.
A typical day of transactions would like this:
6:00 AM – Log into eid.com and navigate to CNN.com Pipeline to review the daily news
6:15 AM – (Boring day in the news) – head over to ESPN.com and check your Virtual GM Standings and the Daily Dime’s Insider edition (both password protected sites)
7:00 AM – head off to work
10:45 AM – at morning break you could check your latest credit card statement, pay your phone bill and check your stock prices (all without a single username and password)
12:30 PM – at lunch you can go over to Amazon.com and order the latest Tool album and a few books you have been meaning to pick up at the book store
4:45 PM – before you leave work you go to Peapod.com and order your groceries to close out the week
8:15 PM – Sit down and start playing your favorite MMORPG
All of this with a single login in the morning. Ahh… weren’t ideas great back then.
I am not sure what happened with that proposal he built but I know that it never got off the ground. At the time I think that there was some potentially stiff competition so it was shelved for another idea but I liked it.
Especially with all of this social networking software out there. I probably have 40 passwords, NO Lie! I know that there is software that you can buy that will manage all of your passwords for you and can even be loaded into your browser but most of those still require you to create an account with the sites you want to use and the save the usernames and passwords.
What I am talking about is a system where I have one central location where I keep enough personal information about me as I want (no need in storing every Internet users Credit Card information on a single network behind a single security scheme – way to tempting). Seriously though, I would store my name, birthday, zip code and some of my preferences. Then I could “release” this information to the sites that I wanted to access. With my single username and password, the sites would get what they want – my demographic informaiton – and I would get what I want.
It is really not that different from how we do things today. I rarely carry cash. I just “wave” my ATM/Credit Card and get the services I need. The worst thing I have to do is sign my name or punch in a number. If I buy something from Toys ‘R Us or Borders or Lowes, they don’t ask for anything. I know that we are in a place where Identity theft is common, but I have to believe that the system is getting better.
Anyways, I will stick to using a similar username and password for almost everything so that I can remember it easily.