May 19, 2011
One of the many areas of the internet that is still showing rapid progress and frequent changes is authentication - or user names and passwords to you and me.
Many sites now require you to login, either to access basic features (like your email) or to offer you a better experience (like remembering what you were reading at work when you get back home). This it what leads to an all to common problem we all have - how to try and remember a different password for each. Users will also often be put off by having to create an account, because they wont see it as a requirement 'just' to buy some socks.
One way users might get around this,for instance, is to have a common 'throw away' password for filling in random competitions on web sites along with a stronger one for your web mail account, and yet another for your work and bank. This is still more risky than a different one for everything however. But having a different password for every application and web site you use is a huge burden on your memory, so much so there are even special tools to help with this. The trouble with 'password vaults' is they have their own password, and now just one single password is protecting all your passwords.
Recently, large popular sites such as Twitter, Google, LiveJournal and even Facebook have started using technologies based on something called oAuth, which lets you easily reuse one user name and password (such as your Google account's) to securely login to another system, without the second system ever having to be told your password at all. This is very convenient, and protects your privacy and security much better than other methods. Assuming your Google account has a nice strong password to begin with...
This neatly solves one problem for users, but leaves open another for site owners.
If you are using an application the allows people to login from elsewhere, it does solve a lot of problems.
Users will more readily use your service if the number of hoops they have to jump through is as low as possible. When 'none' isn't an option, a 'login with your Twitter account' button could make all the difference.
One problem though, especially on sites with user generated content, is what happens when many people might share the same name. This can lead to accidental (or deliberate !) impersonation (e.g. of 'Tony Blair'), or cause unexpected problems for users when their account is incorrectly closed or suddenly receives a lot of messages from fans of the 'real' person.
Every system that wants to authenticate people has this problem, and generally builds upon something else. For instance in the real world it's common to need a passport to get a bank account, or utility bills to purchase a mobile phone contract. Nothing like this really exists online.
Of course, there is also has the same problems as 'password vault' type programs - now a single password (your Google account's) protects many other applications.
So for the time being, expect many sites to remain as isolated silos, at least they'll know you are you, and not me :-)
Posted by Tom Chiverton
Line height is not always consistent when viewing emails in Outlook. This is especially true…
March 1, 2017
If you use an Email Service Provider, you now get some pretty powerful technology alongside…
February 10, 2017