Passwords Passé

An article in yesterday’s New York Times, “Goodbye, Passwords. You Aren’t a Good Defense,” by Randall Stross, talks about the need for a new way of authenticating users at sites that require a login. Passwords, as we all know, can be cracked, stolen or simply guessed. The coming prodedure, it seems, involves “identity selectors.” These are applications that live on your computer and manage your “identity cards,” which in turn are, so far as I can tell, bits of code that “talk” to paired bits of code on sites you want to log in to in ways that are more sophistcated than a simple offer and acceptance of a password.

The Information Card Foundation, a consortium of individuals and corporations (Google, Microsoft, Novell… to name just a few heavy hitters) has been established to guide and promote the use of information cards. At the moment, the whole project is at a very preliminary, not to say, rudimentary stage (with a website that is so badly designed and so poorly supplied with content that it makes the whole enterprise look suspect). But look out, over the course of the next year, for sites inviting you to submit your identity card and offering to help you set up your identity selectors.