The Infamous Lost Password

Years ago, I ran a Bulletin Board service as a hobby. A good friend of mine, Bill, was the co-sysop. I remember his contribution for one sentence.

“There’s no good reason to forget your password.”

If you’re connected these days, you have passwords for all of your services. Email, Wiki, Twitter, Facebook, MySpace, SecondLife, iGoogle, … and the list goes on.

The password, obviously exits to protect your online identity. After all, you don’t want someone going onto a service and signing up for pay features which you’re saddled with the bill for. Your password should be unique for each site and should be very “strong” to make it difficult for someone to guess or use a dictionary program to break into your accounts. Everything you’d ever want to know about passwords can be found here. Even given the seriousness of someone hacking into your account, it’s amazing how many people use kids’, spouse’s, or pets’ names as passwords.

And still people forget their passwords. That’s the reason that services have “Lost your password” as a link right on the login page. There’s a procedure to recover passwords and it usually involves a little dancing back and for the between the original site and your email account where verification will be sent so that you can change it back. You can tell that I’m quite experienced with this process. And, the stronger the password, the more difficult it is. That goodness that modern browsers will do their best to remember logins and passwords for you. It does make the process easier.

But, there are just those times when you’re using another computer….

The other aspect about online services is that they also typically want you to have an online profile for their service. That way, the good ones can customize the advertising, screen colours, etc. for each user. In addition to password management, you also have to be concerned about profile management as well. It does add up.

In the news this morning, the BBC reports that MySpace is going to embrace a form of OpenID. This is great news if you are a user of online services. Essentially, it means that you have an ID with one service and you use it to log into others. In the article, they report that approximately 4500 sites use OpenID for account verification. It is a great feature if you use a service that supports it. WordPress, Blogger, PBWiki for example all support it. Rather than logging in with a unique login and password, you just log in with your OpenID and you’re in. The service securely passes the information and validates you for access.

Recently, David Warlick posted a tweet on Twitter mentioning that he was concerned about profile management on the various services that he uses. Wouldn’t it be great if you could have a concept of OpenProfile in addition to OpenID? You could have your professional profile (where you work, screen resolution, etc.) sitting in one place and used when it was needed. When you have a change of information, you make it once and it’s updated as needed at the various services that you use.

From a practical point of view, Web 2.0 services are springing up exponentially. They all sound interesting and at times, I feel like a kid in a candy store checking out the ones that are particularly intriguing. And yes, I still have to create a login, password, profile, and sometimes never return. Wouldn’t it be nice to have an ID that could be created just to check places out? Think of the amount of time that you spend creating and maintaining accounts.

Think of all of the time that you spend recovering lost passwords!

Social Bookmarks:

Blogged with the Flock Browser

Tags: OpenID, passwords