Identity & Authentication

There are a lot of new infrastructures and applications build around the principle to make access management simple, secure and open. Less geeky this means registering and logging in without actually filling in a form, that takes away the frustration of filling all those forms on each new site you want to become member of (or force you to). OpenID and Sxip both offer allot of information/services on this new type of identity & authentication.

There is a addon for firefox called Sxipper, which allows you to manage your personal information you want to put into a website and it will only appear when it recognizes forms (login, register). Besides taking away frustration it allows webdevelopers to ask for really allot of information about the user and Sxipper will only fill in the information it has. If information is asked and Sxipper doesnt have it, will it simply remove these blank forms and the end-user wont have to worry about filling in the remaining blanks (tag forms if-available).

End user

Sxipper also gives you the possibility to automatically update websites you registered to whenever you update your specific persona information, in the near future it will be more specific on wich websites you want to update and wich persona information you want to update. This way you dont have to go through the hassle of remembering old paswords.

For the end-user this shift of identity and authentication will have a big influence to personalisation of a website. As webdevelopers can ask for allot of information, they can use information given by Sxipper to present information according your persona, what you like; games, music, technology or where you work, live and even what you want to have (Advertising opportunities!). The end-user eventually probably doesn’t even have to fill in any of this information because other authorities like Amazon, Last.fm, Myspace.com could send this information to your Sxipper.

OpenID

OpenID a big identity protocol is supported by Sxipper. OpenID is a URL based identity system. An OpenID identity is simply a URL, and all the OpenID specification does is provide a way to "securely" prove that you own that URL. So what it simply does for the end-user is when you fill in your OpenID URL into a form, and it automaticly connects with a OpenID provider and authenticates you as you and logs you in. Which is great for blogs but doesn’t work for websites that require allot of information from the user. OpenID can be adapted by big company's (Google, Amazon, Yahoo) who would act as OpenID providers, allowing those millions of users to get connected trough OpenID.

The only real problem is making it secure and open this is were Sxipper seems to beat OpenID. I hope this new type of identity & authentication will be addapted by alot of websites so I can finally update my passwords all at once.

Update : I have been using Sxipper for over a year now, beside some obvious usability problems(useless information - sudden overlapping on content) it seems to work quite fine. To bad the company behind Sxipper seems to be doing bad, since small improvements to Sxipper could have a big influence on its success.