Firstly, be it a tech-savvy or be it a normal person, everyone has a life online. Here online, I refer to the internet and the myriads of websites therein. Programming forums, healthcare, lifestyle, romance, banking, travel, blogging, electronic mail, ecommerce; these are just few of the categories that pop in my head when I think of what we do online.
Let’s do the math. Each of these categories has at least n different websites/vendors associated with it. Say, electronic mail – you have Gmail, Hotmail, and MSN and so on. Take for instance ecommerce, you have Amazon, e-bay, or may be even the flip kart. Each of these require you to register and have an identity (username and password) associated with them.
Normally, you choose to have the same username with all of them. But the rules vary with many, some allowing symbols, some disallowing numbers – you are forced to vary your usernames with the websites. And the same is true for passwords – One of your comfortable passwords might be unacceptable by some accounts. Some websites have to be associated with email identities. If you took to the internet after Gmail came in, then chances are you’ve associated all your email accounts with it. If otherwise, you might have had a host of other email accounts like, yahoo.com or live.com.
Now each identity needs a password. Let’s see.
1. You Can Use the Same Password For All Your Accounts
Great choice. Allows you to remember a single password for all your identities. But this leaves you at a risk. One of your accounts gets hacked into, and you lose across the board.
2. You Use a New Password for Each of Your Accounts
This reduces your vulnerability to a hack. Even if one of your accounts gets compromised, you can save all the rest of your accounts. But that gives you N passwords for n accounts you hold. Mighty hard to remember, isn’t it?
Good online behaviour states, you cycle your passwords at least every 45 days to prevent your accounts from getting compromised. Now how do you do that, without having to go through the trouble of remembering the new sets of passwords again?
This discussion did not mention ghost accounts (which you have probably false identities), intranet accounts (which are not under the internet category – but still requires a username/password and hence a necessary payload on your brain).
IMO, this seems to be a pretty interesting and wide area for research. If necessity is the mother of invention, this is the right time to invent, discover or re-discover a cost-effective solution that is within reach for a normal internet user. A normal user is right now juggling with at least 10 online accounts in his hands, forgetting passwords every 10 days, clicking on that seemingly helpful “Forgot your password” link. Or an unassuming user is in a false-sense of assurance having the same password for all his online accounts, screaming to be hacked and compromised.
The solution being proposed for curbing online identity explosion should provide a way to access all your online accounts in an easier manner, while ensuring that:
- Safety of the identities are secure against any forms of hack
- Solution is accessible to any web user – with minimal or zero-overhead
- Various modes of access are addressed – Mobile, single point of access, multiple points of access