Saturday, January 2, 2010

Burned by my own firewalling

The perils of having to maintain multiple logins for multiple systems, applications, or web sites are fairly intuitive: More time/headache for the system administrators and increased security risks as people resort to tacking sticky-notes to the underbellies of their keyboards. But rarely is the solution to a problem found at the other end of its spectrum.

In this case, the spectrum's other end is the Grand Unified Login. As the Googles and Microhoos continue their parallel borgification of the functionality folks find important (web mail, blogging, sharing photos, etc.) and initiatives like OpenID move forward, the flaws of the One Login To Rule Them All ethic become apparent. (And those quite apart from bloggers mixing cheesy physics, Star Trek, and Lord of the Rings metaphors in a single paragraph.) Obviously, in the single-login scenario, a single hacked user name and password compromises multiple applications.

But more than that, it doesn't reflect the reality that many--if not most--people partition their existences. Mixing personal and business email, for instance, is typically A Bad Idea. Maybe I'm guilty of firewalling too much, but I also don't mix hobbies (including programming/tinkering) and what I do for others. Mainly because each context has its own minimum standard of polish. Given that I'm typically working on at least two things at any given time, I've already run into the issue of being logged into (Google-owned) Blogger as my more "professional" self, but needing to grab info. from a hobbyist Google Group. Logging into the group automatically logs me out of the blog interface because I can only be one "me" at a time, at least so far as Google is concerned.

If I were feeling optimistic, I'd predict the inevitability of a Hegelian synthesis, wherein people would create multiple unified logins to reflect the spheres of their lives. Except that, socially, we tend to be a messy bunch--not just in terms of "our" peeps, but also in terms of context. E.g., if a co-worker is also a friend, that's two contexts for the same person. Multiply that out by the separate (or perhaps interlocking) social circles of your life and the people who are part of them. The multi-dimensional Venn diagram required to model those networks makes my head hurt. So I think that the notion of single sign-on is, for that reason, more than a little naive--and in practice could lead to more complexity than the problem it was intended to solve.