The Danger of a Single Point of Identity Failure

A few minutes ago, I found myself locked out of my Facebook account, due to “database maintenance”.  It was pretty brief — maybe two minutes — but it occasions some concerns.

Facebook is doing a good job of turning itself into the central spot for identity online.  It probably won’t succeed — there are enough people adopting OpenID to provide a counter-balance — but it is part of a growing trend towards simplifying one’s online identity.  Whereas now, your identity is fractured into dozens of different sites, we are heading towards a time when you will only have a few online identities, possibly even just one.

Which is great in many ways, but introduces huge new technical risks.  It’s one thing for Facebook to lock me out of itself for a few minutes.  But what if that means locking me out of everything?

This isn’t an idle speculation: it happened to CommYou a couple of months ago.  CommYou initially doesn’t have any sort of “native” identity — you use your identity from some other site.  As it happens, most of my alpha users get their identity from LiveJournal.  But one day, LiveJournal went down for the better part of a day.  And not only could people not use LJ, they couldn’t use CommYou either, because they had no way to log in.

Step one of identity evolution was the growth of many identities, and the resulting fracturing of your online persona.  Step two, in process now, is the consolidation of those identities into a relatively small number of providers, so that you are basically the same person in whatever sites you like.

Step three, which has scarcely even been thought about yet, is going to have to be distributed identity — wherein you are the same person, recognized as such by many sites, but without the single point of failure.  You’ll be able to validate yourself via several different identity providers, but everyone will still understand that you are you.

I don’t expect this to happen soon, or easily — there are a lot of reasons why the established players would resist it.  But we’ll eventually have a major failure of an identity provider, which leaves a lot of people out in the cold, unable to log into many other sites because their identities went through that provider.  I expect that at that point, everyone will get the clue.

What do you think?  How many online identities do you expect to wind up with?  Any bets on how long it’ll take to develop this distributed-identity infrastructure?  I’m getting started on it soonish: CommYou is much of the way towards allowing you to link a bunch of identities together.  But that’s just the solution for one site, not a general fix for the problem…
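One way to model the "several identity providers, one person" idea from above, as an added example that is not the post's or CommYou's own code: a relying party whose local accounts can be linked to more than one provider, with login falling back to whichever linked provider is reachable, plus a check of how many accounts a single provider outage would lock out. Provider names, account names and identifiers are constructed sample values.

```python
# Added example (not from the original post or from CommYou). Models a
# relying party that links one local account to several identity providers,
# so an outage at any one provider does not become a lockout.
# All provider names, account names and identifiers are constructed.
from collections import defaultdict


class RelyingParty:
    def __init__(self):
        self._links = {}                    # (provider, identifier) -> account
        self._accounts = defaultdict(dict)  # account -> {provider: identifier}

    def link(self, account, provider, identifier):
        """Attach a provider identity to a local account; refuse to let one
        provider identity be claimed by two different accounts."""
        key = (provider, identifier)
        owner = self._links.get(key)
        if owner is not None and owner != account:
            raise ValueError(f"{key} is already linked to {owner}")
        self._links[key] = account
        self._accounts[account][provider] = identifier

    def login(self, assertions, providers_up):
        """assertions: (provider, identifier) pairs the user can prove, in
        preference order. providers_up: providers currently reachable.
        Returns the account from the first usable provider, else None."""
        for provider, identifier in assertions:
            if provider not in providers_up:
                continue  # provider outage: fall through to the next link
            account = self._links.get((provider, identifier))
            if account is not None:
                return account
        return None

    def locked_out_if_down(self, provider):
        """Blast radius of one provider failing: accounts whose only linked
        identity lives at that provider (the LiveJournal/CommYou case)."""
        return sorted(name for name, ids in self._accounts.items()
                      if set(ids) == {provider})


def demo():
    rp = RelyingParty()
    rp.link("alice", "livejournal", "alice_lj")
    rp.link("alice", "openid", "https://alice.example/")
    rp.link("bob", "livejournal", "bob_lj")        # bob has no fallback
    up = {"openid", "facebook"}                    # LiveJournal is down
    alice = rp.login([("livejournal", "alice_lj"),
                      ("openid", "https://alice.example/")], up)
    bob = rp.login([("livejournal", "bob_lj")], up)
    return alice, bob, rp.locked_out_if_down("livejournal")
```

`demo()` returns `("alice", None, ["bob"])`: alice still gets in through her second provider, while bob, linked only to the provider that is down, is locked out.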

5 Responses to “The Danger of a Single Point of Identity Failure”

  1. dsr Says:

    Here are the identities I need:

    – Me at work.
    – Me with professional reputation.
    – Me doing hobbies.
    – Me being pseudonymous because I like conversations but I don’t want to link this to any other identity.
    – Me with some particular attribute (location, age, worthiness) that it is the only thing I want to reveal.

    So…. lots.

  2. Jim E-H Says:

    But we’ll eventually have a major failure of an identity provider, which leaves a lot of people out in the cold, unable to log into many other sites because their identities went through that provider. I expect that at that point, everyone will get the clue.

    Or more likely, at that point there will be a lynch-mob mentality against the provider, and the second or third time, everyone will get a clue. :-) But point taken.

  3. Jim E-H Says:

    dsr — it’s an interesting question which of those are distinct identities, and which are restricted “faces” of a single identity.

    Justin, what’s the current thinking on this in OpenID discussions and such? Is identity going to be something such that we should assume a clever person could connect any manifestations of it, or is it simply a login such that the core identity could be protected, and you could “be” different people in different contexts?

    That does seem like an important line. While I’ve never been too concerned about keeping my various online identities disassociated from each other, I could imagine that if standardization reduces the skill and effort needed to connect them, I might well maintain at least three separate types — professional, personal, and completely pseudonymous.

  4. Justin Says:

    dsr: Interesting. Do you actually want all of those to be separate? I’m slightly surprised — I would have expected, for example, that you’d want “work” and “professional reputation” to be joined. But it does vary from person to person, and I tend towards the simpler end of the spectrum.

    what’s the current thinking on this in OpenID discussions and such?

    Honestly, I don’t know. My impression is that folks are mostly heads-down on the practical problem of identity-sharing first, and that identity-linking is still a ways off. But I’m not deeply engaged enough in the OpenID community to be sure — it’s quite possible that there have been discussions there that simply haven’t become obvious at the spec level yet.

    I would surmise that eventually there will be pretty sophisticated options. Certainly the user desire is to have a single login that sees through all of your different “eyes”, but lets you post separately from them. This is actually on the medium-term roadmap for CommYou, and mostly already in my data model: you read as a Person, but post as an Identity. But driving that to the standards level may take quite a while — it’s not even entirely obvious what it *means* for the standards…

  5. dsr Says:

    Yes, actually, I do want to separate me-at-work from me-with-professional-reputation. They’re different. Me-at-work represents the company I’m working for, and what he says implicitly carries some commitment from that company. Me-at-work arranges for lines of credit, and orders hardware… but he doesn’t have to be clever.

    Me-with-professional-reputation is the me that talks on various technical mailing lists and fora, who is hired to become me-at-work for another company at some point.

    The other mes may want to prove age of majority but nothing else; or participate in a particular forum or set of fora around a special interest; or send notes to the local school board… all of these things without necessarily linking the one to the others.

