Friday, March 16, 2007

Technology cuts down on Web registrations

By Jon Swartz, USA TODAY 2 hours, 36 minutes ago

SAN FRANCISCO - An emerging technology standard could be the answer to a major headache: It lets consumers use the same user name and password for hundreds of websites that require a sign-in.

OpenID's approach has quickly earned it the support of Microsoft, AOL and thousands of users online.

"It's all about convenience," says Raven Zachary, 33, a technology analyst for The 451 Group. He intends to use the same user name and password for dozens of social-networking and news sites.

Consumers establish an OpenID identifier in the form of a personalized Web address, such as http://jswartz.myopenid.com, at some 50 websites, including www.myopenid.com and www.typekey.com. When they do, one of 30 OpenID providers, including VeriSign and JanRain, is assigned to securely store the user's data.

OpenID users are asked for their personalized Web address whenever they visit one of hundreds of sites that support OpenID. That address is sent to their provider, which then confirms the identifier. The system is not for use on sensitive accounts for financial transactions.

"This is leading us on the path toward one user name and one password," says David Recordon, innovator for advanced products and research at VeriSign, the domain-name registrar.

The idea has resonated with the tech industry after several missteps, including that of Passport, Microsoft's failed attempt at a universal password sign-in.

Microsoft became the latest to throw its support behind the fledgling standard last month. The software giant is supporting OpenID in conjunction with CardSpace, a feature similar to OpenID that is built into the Windows Vista operating system. Symantec also threw its support behind OpenID, as have hundreds of blogging and social-networking sites such as Digg.

As many as 1,200 sites offer some sort of OpenID services, reaching a potential 75 million people worldwide. Those figures could balloon to 15,000 sites and 250 million people this year, says Steve Kveton, CEO of JanRain, which provides ID services on the Internet.

"It's a little surprising," says Brad Fitzpatrick, OpenID's creator and chief architect at Six Apart, a blogging-software company.

To a lesser extent, OpenID is gaining support as a haven from identity theft, which has soared on the Internet.

Identity theft was the No. 1 gripe among consumers who filed complaints with the Federal Trade Commission last year. In 2006, 36% of 674,354 complaints to the FTC were for identity theft, the agency said in a report last month.

"The Internet was built without an identity system, which is incredible in retrospect," says Kim Cameron, chief architect of identity at Microsoft's Connected Systems Division.

"That limits what you can do with it and exposes you to theft, deception and spam."

No comments: