Category: Personal Identity Management

Identity Proofing on Twitter – problems and potential

All the web has been abuzz recently about Twitters launch of Verified Accounts (read Mashable’s post about it here). The goal of the program is to be able to show a badge on a Twitter account that communicates to readers the authenticity of the twitter stream. The reason for Twitter doing this is to avoid

Now How Are We Supposed To Solve This?

Here is an interesting anecdote I heard yesterday (identity of person withheld for their own protection): My tween daughter was entering some sort of online popularity contest. It involved registering yourself as a contestant online with your email address, and then verifying your entry by clicking on a link in a verification email you would

The new Identity Equation

A few days ago, I tweeted about this CNET article that talks about the plans that Twitter has to expand their search service into what could be one of the most powerful real-time search engines anywhere. The key to this whole thing is the idea of reputation – that ephemeral quality that will improve the

On Anonymity, Pseudonymity and Personas

One of the online forums I participate in is commonly referred to as the Identity Gang (it is now part of identity commons). An interesting conversation took place last week on the topic of anonymity and privacy. The conversation did branch out a bit (as these conversations often do), but it did bring to the

The changing face of Password Management

A college student was arraigned on Wednesday for allegedly breaking into Gov. Sarah Palin’s private e-mail account last month. Political leanings aside, I¬† read the news article with great interest for the inherent security implications. Reading it, this line jumped out at me: The F.B.I. said that the younger Mr. Kernell allegedly hacked into the

Does ‘User-Centric’ also mean ‘User-Burdened’?

Dave Kearns recently took on the topic of how user-centric and enterprise-centric identity could possibly co-exist in his articles for the Network World Identity Management Newsletter. In his first post, he discussed what the difference between the two is – the need in the Enterprise scenario to have all identity-related transactions tied together from an

If you can’t trust Airport Security, who can you trust?

The latest to suffer an identity theft breach – the innovative CLEAR system that speeds frequent travelers through airport security by collecting personal data, doing an extensive background check and issuing smart cards. Stolen from a “locked” room in San Francisco¬† airport was a laptop with the data for 33,000 travelers. This line from the

Johannes talks about the OpenID RP “Problem”

Johannes Ernst has responded to my post on what I view as a problem for OpenID – the proliferation of OpenID Providers without the emergence of Relying Parties that use them. First of all, let me state for the record that I am a big fan of OpenID, and in no way view this problem

OpenIDs problems don’t seem to be going away

I got news today that MySpace is joining the OpenID revolution. This supposedly brings the number of OpenID-enabled accounts to over half a billion. Maybe it looks like good news for OpenID, but isn’t this actually a problem? Isn’t the intent of OpenID to reduce the number of logins we have? Why am I moving

Information Cards gets its own Foundation

One of the big announcements at Catalyst that I twittered about was the formation of the Information Card Foundation (take that, OpenID). The purpose of the non-profit foundation is to promote the use of information cards as a secure way to present personal identity information on the web. The foundation has a power-packed set of