Own your authentication!

After Passport Windows Live ID and the Liberty Alliance Project now comes Google Account Authentication, which opens up the ability to use anyone’s Google Account to perform authentication to a system.

What surprises me in this whole deal is that it seems we are going backwards, back to a “one authentication to rule them all” idea that Microsoft tried to introduce with Passport (errr) Windows Live ID which, as you know, didn’t go quite where they wanted it to be.

After the whole Web 2.0 buzz and “User Generated Content”, A.K.A the forbidden word, where users are now the masters of their own content, why can’t they be the masters of their own identity/authentication?


I’ve lately been tracking the OpenID initiative which tries to create a REAL distributed identity system which actually fits into the Web 2.0 world.
While OpenID’s spec is still a bit rough on the edges (the loop for verifying which authentication servers are authorized, live and not spoofed is not closed) it does seem to provide the right think in the right direction.

The benefits of owning your own identity

Owning your own identity has a number of interesting affects.

The first and foremost is that it is yours and you can store it wherever YOU think is save and good for you. This can be a server you own/rent. This can be a general repository, but one that you want to use and not one being forced down your throat (the centralized authorities that are usually controlled by large software corporations).

The second effect is that your identity is persistent. Since you control where it is stored and how it looks (according to the OpenID specs, of course) it is persistent across services (providing they support OpenID) and across identity providers (remember, you choose where to store your identity).

Hoping for a better authentication future

I would really like to see (perhaps I can even contribute) OpenID’s spec closing the loop on authenticating OpenID servers (or at least preparing a procedure for that) and starting to get adopted more rapidly across sites cause I’m really tired of having multiple identities just because various sites don’t talk to each other.

Even if the big player – Windows Live ID, Liberty Alliance Project and Google Account Authentication would support the OpenID specification, the wold of authentication would get a step closer to actually becoming useful.

GoogleWorld the new Web and privacy

Whether it is Gmail, Google Base, Google Video, Google Answers, Froogle, Google Blog Search, Google Book Search, Google Maps and Google Toolbar, Google seems to be conquering the world by offering a lot of services in different and diverse areas.

(You can get a good review of the various Google Services here)

With your Google Account (which is also your Gmail email), Google can also track a person specifically and learn things about what him/her, what he/she searched for, shoped, interest in, etc.

Actually, according to this, Google also learns a lot about you even without having a Google Account.

The main problem with Google is that they are not actually showing the users what they are doing with this information.

Yes, they have privacy policy. Yes they claim they are “not evil“, and to some degree I believe them, but I really want to know what is being done with the information being gather on me.

Let me take Amazon as an example. When I buy things at Amazon they save it in their database. They also encourage me to fill in a wish list or even mark products that I already own so they will be able to offer me products that I’m interested in.

In addition to that, when they recommend something to me they always tell me why this product was offered to me and I can directly see and understand what they did with the information they gather about me and the information I have supplied them.


Google will soon hit the privacy wall hard and as more sites of the “forbidden word” will start gathering more and more information about people and their doings, I think its time for Google and the rest of the world to start actually showing to people what is being done with this information.

A good start would be like Amazon is doing by telling you why things have been recommended.