After I got to the post…
- I scroll to the end of the comments, discover that I need to login. Click the “sign in here link.”
- Enter user name, first and last name, email address.
- Arrive at a page that says “Before you can use your new user name, you must first activate it. Check your inbox and click the link.”
- Go to my email.
- Open the message.
- The message says “To activate your user, please click the link. After you activate, you’ll receive “another email” with your login.” (The quotes around “another email” are theirs, not mine)
- Click the link in the email.
- Arrive on a page that says “Your account is now active!” My username and password are on that page. But where is the post that I was originally trying to comment on?
- Go to the home page and try to get back to the article on which I originally wanted to comment.
- Scroll to the bottom of the comments section.
- See that I still need to login. Realize that I didn’t copy my password before and I don’t know what it is.
- Go to my inbox and open the second message from AllThingsD.
- Login to the site & post my comment.
This was a tedious process that could be simplified, but I’m not even upset about it. I understand the reasons behind requiring registration on a Website, and I’m not opposed to giving up some data for the privilege of using a site for free. It’s what happened next that really got me thinking.
After I successfully posted my comment, I went to my passwords spreadsheet – the one that I keep on my computer (the one that is a massive security risk) to update it with my latest username and password information. I entered the information for AllThingsD – on line 49.
That’s when I realized that I am up to 49 separate username/ password combinations. And this is just for the sites that I track on my spreadsheet (I don’t have my Gmail account on there, for example, because I for some reason don’t think that I could ever forget my Gmail username/password). I would consider my Web usage to be on the high side, so most people probably have fewer passwords to remember; but I would say that my organizational skills are above average, so most people probably don’t keep a neat spreadsheet of all their user names and passwords in it.
If I’m having trouble managing all my combos, other people must be too.
OpenID, which aims to eliminate the need for multiple user names and passwords across multiple Websites, will hopefully be the answer to the password crisis, but there are still too many problems with OpenID for it to currently be a viable solution. OpenID poses some security risks, many companies that claim to have adopted it haven’t really, and OpenID doesn’t allow companies that use the system to “own” the data of each and every site visitor, which is good for the users but bad for the companies (and what’s bad for the companies, they will hesitate to implement).
But OpenID – or something like it – is desperately needed. By me.