Thursday, December 04, 2008

Authentication Wars

First came username/password combination. That quickly got old and unwieldily. Then came Microsoft Passport to makes authentication easier. Of course like all proprietory schemes, it failed woefully. Then came openID. While it hasn't gain much traction with regular folks, tech-savvy users have been embracing it. But oh no, here's comes Google and Facebook with their closed authentication schemes. Closed in the sense that, unlike OpenID, only Facebook can be a provider of facebook connect. Likewise Google is the only supplier of Google Friend Connect. I am sure Microsoft and Yahoo won't be far behind in coming up with their authentication schemes (not counting Microsoft Live since I have yet to see it on a non-Microsoft site).

The question isn't so much who'll win but whether coming up with all these different authentication schemes isn't creating more problems than it's solving. The original problem was this: each website requires authentication. This leads to a management issue for people that visit multiple sites. The solution: create a scheme where users can login to multiple sites with a single set of credentials. Everything else (social features, profiles etc) are just gravy on top.

So now the next time I visit a website, I won't have to remember a username/password combination. But I better remember which authentication scheme I used to create my account. Was it Faceboob Connect? Google Friend Connect? OpenID? Windows Live? yikes! I almost wish for the old days where I could simply use the same freaking username/password combo across the entire internet