Friday, August 01, 2008

Easier registration and login

For practically every forum or other kind of social website that I use I have to first register, putting in my name, e-mail address, password, etc. etc. And then when I go back to it later I have to provide username and login information. There are cookies, but they don't help if you login months later. I have to enter the same information for all of these sites. Wouldn't it be nice if they could just detect my information for registration and login?

My idea is to have a personal file including all the personal information you're willing to give out (or perhaps some items that you're willing to give out with user confirmation). The website is able to access this information, but only the fields it requests; that way the user doesn't have to worry about confirming information that the website doesn't need. This could also be used to eliminate passwords. I use the same password for every site, so why have to type it in? Some people prefer to use a different password on every site, but then they have to keep track of all their passwords. You can get the security of the latter with the convenience of the former by using PGP. The user may still want to define a password, though, so that they can logon when they're not at their computer which possesses the private key. Perhaps the information file could store a default username and password. Either way the user should be able to specify a site-specific username and/or password.

How should the protocol be implemented?

Perhaps it could be a browser add-on or capability, implemented as a JavaScript function. We should not go arbitrarily (browser-specifically) adding JavaScript functions which websites may require, though; a website supporting this protocol should, and most likely will, allow the user to input information manually if such function does not exist.

No comments: