More and more sites these days ask you to create an account to access their functionality. Each time you create an account, that’s one more username/password combination to remember because in this age of identity theft, using the same username/password combination across sites is a serious no-no.
Then along comes the idea of open identity portocols. Open identity protocols promise single sign-on across multiple online sites. One identity to log in on them all, as it were.
Now, however, there seems to be a slew of identity protocol sites springing up to which you have to sign up and get logon details! There doesn’t appear to be a dominant player and the open identity sites don’t share information with each other. So we are back once more to having multiple identities (albeit hopefully fewer than before).
I already have signed up to myopenid, Verisign’s PIP and one or two others (whose names escape me already!).
Sigh, here we go again!
It is early days and so there are a lot of players jostling for position. Give it a year and there will only be two or three with any traction.
I’ve signed up with sxip and PIP and will be leaving it at that for the moment. I guess we’ll all end up with InfoCards next year if Kim Cameron has anything to do with it.
It still beats the 400 or so Username/Passwords I have stored in eWallet!
That reminds me Conor, I signed up with sxip (in order that I could leave a comment on your blog – no idea what those details for that ID are now!).
Ummm, being that I am Mac based, I don’t see myself having an InfoCard solution too soon.
I have been chasing Kim for some time now for a PodLeaders podcast. He has agreed to do one, it is simply a matter of scheduling (I hope!).
Hey, I know, let’s start a metaidentity site – a single location to connect together all the other identity players! Presumably they have an open API? I mean, it would be a poor show for them if they didn’t.
Federated identity is a business issue, not an IT issue. We have the technology, just not the trust between organisations we need to be federation members in order to make it ubiquitous.
And it’s all about trust.
I’m still a big fan of what Dick Hardt is trying to do with sxip and sxore but they seem to be falling down on delivery and buzz. If you looks at the constant stream of information and releases from the ClaimID guys and the buzz around them compared to the silence from sxore since April, it does look like all the sxore energy is gone.
I had a few issues with sxore which I was told would all be dealt with quickly (full export back to wordpress, recent-comments feature) but I have heard nothing in a very long time. I am very close to dumping it and writing my own exporter on the data. For a company run by a guy who delivers the worlds best presentations, it is very surprising how poor they are at getting their message out.
As for InfoCard/CardSpace, you forget that this is the new Microsoft and they are actively encouraging other implementations of their open standard including Opensource and Mac.
It is an interesting world we live in where in the space of a year due to the efforts of Robert Scoble and Kim, Microsoft are now seen as a company which “gets” openness and standards as being good for business. Unfortunately, the boys in Google have decided that Microsofts’s old business model is now a good fit for them. It really does seem to me that unless we keep our wits about us we’ll all just end up owned by Google rather than owned by Microsoft. The only thing saving us now is Google’s cack-handed implementations of everything except Search, AdSense/Adwords and GMail.
And that’s the thing. We could have federated identity before the end of the year if the megalopolis sized web services sites such as Google, Amazon, Yahoo, Microsoft agreed on a standard. With that volume of users everyone else would have to jump on the bandwagon or risk being left out in the cold.
The large players in the financial services sector have federated identity cracked as it’s in their interests to be able to rapidly move money about the place and share fraud information amongst each other. The web/tech companies on the other hand are too afraid of handing a rival access to their customers (Most of whom are mutual customers in some sense anyway) so we’re drowning in a sea of username/password combinations and deleting spam/phising emails like there’s no tomorrow.