Tuesday, March 8, 2011

Identity Crisis


So many applications, accounts, memberships! So many credentials (usernames and passwords) to remember! Sigh!

What do most of us do? Try to secure the same username for every account, keep a list of favourite passwords and use them in succession. Try to maintain the account credentials either on a piece of paper, with copies hidden in (secret) locations, or in a little local Excel sheet called ‘My Accounts’ or ‘My Passwords’. Some would complain about the security of such sheets and would rather save them under password protection, or use software which encrypts your accounts and stores them safely.

Here are some ideas which can make remembering passwords fun:
1. Memorize passwords as sentences - For example, the sentence ‘The quick brown fox jumps over the lazy dog’ could yield the password ‘tqbfjotld’, formed from the first letter of each word. If you run out of sentences, use songs or poems. Now that is fun!
2. Passwords belong to a theme - You could build your passwords around certain themes. These themes could be anything: books, characters in movies, names of movies, art, etc. The more specific the theme gets, the harder it is to crack the passwords.
3. Build a robot which remembers your passwords for you - Not kidding here. I know someone who uses this option. Also fun!

Back to some basic questions: Why do you need an account, or have to log in to a software application? What happens on login? The answer lies in two words: Identity and Access. Typically a software application comprises certain functionality which is rendered to the end users. Access to this functionality is typically driven by the user’s role. The application therefore needs to identify the user, determine his/her role and grant access accordingly. For example, in a banking application, front-desk users might have access to submitting an account request and checking account status, while a back-office user could have access to creating accounts, and a manager the access to generate and view reports. Although it’s the same application, different users access it differently based on their roles.

Can identity & access management be made simpler?
One cannot do away with accessing all those applications, but it certainly can be simplified. Here are some ways:
1. SSO (Single Sign On) - As the name suggests, all applications are woven under a single sign on. An end user logs in once and is provided access to the various applications falling under the SSO umbrella. This method is already implemented by organizations and is a handy way to expose local apps using this principle. Google has implemented it for most of its internet apps: with one sign on and one Google account, you can access apps like Gtalk, Gmail, Gdocs, etc.
2. Biometrics - Biometrics consists of methods that uniquely identify human beings, with forms like retina recognition and fingerprint recognition being the most popular. Who knows what technology brings in future, but at this moment Biometrics is far from being usable consistently, cheaply and worldwide by every software application, which makes option 1 the one to go for.
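The identity-then-access flow from the banking example and the single sign on idea above, as an added example that is not from the original post: a hypothetical identity provider signs an assertion (user, role, expiry) once at login, and each application verifies the signature and expiry before applying a deny-by-default role table. The shared secret, user names and permission names are constructed for the demo.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo secret shared by the identity provider and the applications
# (hypothetical; a real deployment would use per-app keys or public-key signatures).
IDP_SECRET = b"constructed-demo-secret"
SIG_LEN = hashlib.sha256().digest_size

# Role -> permitted actions, following the banking example. Deny by default:
# any role or action not listed here is refused.
PERMISSIONS = {
    "front-desk":  {"submit_account_request", "check_account_status"},
    "back-office": {"create_account"},
    "manager":     {"generate_reports", "view_reports"},
}


def issue_assertion(user, role, ttl=300):
    """Identity provider side: the one sign on. Signs who the user is and which role they hold."""
    claims = {"sub": user, "role": role, "exp": int(time.time()) + ttl}
    body = json.dumps(claims, sort_keys=True).encode()
    sig = hmac.new(IDP_SECRET, body, hashlib.sha256).digest()
    # Fixed-length signature appended to the body, so no separator can be confused with data.
    return base64.urlsafe_b64encode(body + sig).decode()


def verify_assertion(token):
    """Application side: trust nothing in the token until signature and expiry check out."""
    try:
        raw = base64.urlsafe_b64decode(token.encode())
        body, sig = raw[:-SIG_LEN], raw[-SIG_LEN:]
        expected = hmac.new(IDP_SECRET, body, hashlib.sha256).digest()
        if not hmac.compare_digest(sig, expected):
            return None  # tampered or not issued by our identity provider
        claims = json.loads(body)
        if claims["exp"] < time.time():
            return None  # stale assertion
        return claims
    except (ValueError, KeyError):
        return None  # malformed token or missing claim


def is_allowed(token, action):
    """Identity first (verified assertion), then access (role table lookup)."""
    claims = verify_assertion(token)
    if claims is None:
        return False
    return action in PERMISSIONS.get(claims["role"], set())
```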
