Each time a person registers with a new website, they are required to share personal identifying information. This can include names, addresses, email addresses, phone numbers, and usernames and passwords. This information is vulnerable to a number of threats. Untrustworthy organizations can sell the information, thereby exposing a person to unsolicited telephone calls, mailings, and spam email. Even worse, if hacked or stolen, the information can be used to steal a person’s identity and potentially gain access to their other online accounts.
Aggravating the problem is the fact that the average Internet user has registered accounts with over a dozen websites. This exponentially increases the chances of their personal data being compromised.
A closely related problem lies in the fact that people must try to remember usernames and passwords for all of the websites in which they interact. To make remembering easier, many people use the same password to access multiple sites. This practice makes their accounts less secure and more vulnerable to cyber attacks, such as phishing, click-jacking, and cross-site scripting.
In response to problems such as these, the Obama administration is drafting plans for a forthcoming cyber-security effort intended to create an Internet ID for Americans. Although details of the plan are scarce, U.S. Commerce Secretary Gary Locke shed some light on the plan during its announcement this past November at the Stanford Institute for Economic Policy Research, “What we are talking about is enhancing online security and privacy, and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities.”
OpenID is a promising technology intended to bolster cyber-security by solving the multiple accounts and passwords problem. OpenID is a standards-based Single Sign-On (SSO) protocol […]