One angry idea thread

[InCreator]

-very long post ahead!-

Registration. Username. Password. E-mail activation.
Repeat.
And again.

I'm totally tired of this digital burden that's for some unknown reason so hellishly popular nowadays.
Want to see my brand new cool forum with 2 registered members? Sign up!
Want to download this little piece of crap game you will delete after trying 3 minutes? Sign up!
Want to read my stupid blog? Browse our catalog? Read news? Just make sure you will never return to this site? Sign up!
Want to simply ask a question about something? One question? Sign up!
Want to simply SEARCH our forum for one tiny thing? Sorry, search is available for registered members only. Sign up!
Forgot your password? Click here!
Aaaagh!

One stupid, meaningless, unimportant entry in MySQL database makes web programmers put me through electronic nightmare or hundreds of forgotten usernames and passwords, e-mail activation, and overall mess.

Especially since these entries are mostly useless. Which is why should use genuine password for this next piece of crap forum/stupid web/whatever so if something happens, not all other hundreds of digital identity pieces wouldn't be gone. I really, really, really hate this tiny "sign up!" link in almost EVERY web page. Well, if I really have to sign up. But guest-friendly sites are fading away at rapid speed.

Now anyone that uses web actively, say you haven't felt atleast once same way.
Can I sleep safely, knowing that on at least 100 sites, I've registered and entered personal info?
Most of which I don't ever remember and never return?

For example, there's that new cool 3D game engine up on devmaster.net, so I download it, don't understand a thing, and to find answer to my first very basic question, I try to search engine community forums, which won't happen if I don't sign up, so I - sigh-- sign, find that engine is once again totally pointless, unfinished and overpriced, and never return.
Thinking about this, 100 registrations are maybe highly underrated number, I've been "online" for 10 years quite actively already. Even though I've developed some "default" usernames, passwords and e-mail addresses for least important sign-up events, there's still more than 20 I think, and I don't remember most.

Even worse, I find myself bumping quite often into places where I have had registered already, and I don't remember which one of those numerous "default" settings were in use this time. For example, I have over 5 GameSpy accounts, atleast 3 GameSpot ones, cannot count FileShack ones.... And still can't login into any of these, because I'm quite tired of making new accounts, and can't remember what data did I use when registered 5 years ago.
---

Anyway, I was thinking about it and came up with somewhat controversial idea -- universal e-ID.

Like one big service that's universal and every site uses. Well, as an addition for classic signup.
I imagine server farms at Google scale, MD5 encryption and other sci-fi stuff... The base line should be that you log in into your e-ID and you can use it everywhere, like on MSN, eBay, MySpace, web banks, chatrooms?, Steam and  AGSForums, for example. Probably as a client-software - so you log on as soon as you boot your machine up or something, and all affiliated sites would automatically detect if you're logged into you e-ID. Client program thingy would be for security, I guess -- nobody trusts cookies... and for things like ICQ and MSN Messenger and Steam and GameSpy Arcade and so on, which are actually programs in your computer, this would work better too.

Even with my limited knowledge, I still imagine that every more serious website has it's own variables about member so classic sign-up won't go actually away, it just simplifies login. eBay still holds data in their server about your bids and comments and so on, but authorizing login data would come via e-ID servers. They would simply add e-ID authorizing possibility bit to their system. I don't have enough knowledge about networking to give my idea more serious shape, but I still believe that this project is totally possible to create.

I even think I foresee some potential flaws in my flawless plan   

1. Of course, internet is a perverts' paradise. So here could come first criticism to my idea: individual sign-up guarantees anonymousness up to some scale, so boys who play girls in anime/furry forums, foot fetishists, lonely old men and all other likeable fellows I didn't mention won't be using e-ID... but no-one cares anyway, since traditional sign-up stuff still stays on place.

2. Single identity is a strong security risk. Yes, e-ID should employ uberhigh levels of security for maintaining identities, as I said, complex encryption with additional science fiction, cavity-search its employees on daily basis and software better than CIA uses... but this is still doable.

And come on, is using same password for many sites more secure? Like you're doing now? I know you're doing this, no need to lie. Oh, you added "1" to the password. Very clever indeed.

3. e-ID itself. Now, this is real science fiction: While progressive governments have heavy data on their citizens, e-ID - being universal and thus international would have things on people even CIA couldn't track. Reminds me of X-Files -- the human being registry.
Well, and that's a serious dent in my plan, which needs to be reworked somehow.

But if whole thing works as software in people's computer, I think that e-ID servers wouldn't need to know the data at all. Like, data moving between client's software, e-ID server and affiliated website could be encrypted heavily enough so the password and username would actually be known to person only. You enter your user/pass, encrypted thing goes to e-ID, it somehow knows it's you, and sends another encrypted bulk to AGSForums, which knows that this bulk means that you proved to e-ID that you are you and they back this up. And -- "You have logged in!". But I cannot think this thought further due lack of knowledge on the subject.

Any thoughts?

Even if my idea is totally stupid, I wouldn't be surprised if after few years someone simply steals it, modifies to something real and becomes a billionaire. Microsoft?

But if you like the idea, know(someone who can/how to)  make this work and have a rich relative to fund a crazy project, let's team up and get rich... even if monthly e-ID fee is $1, well, if there's billion, or atleast a million frustrated internet users, I see bright future.

[tube]

You mean something like OpenID?

[Akatosh]

Or you could just, y'know, work your way around registration.

[InCreator]

Hm, OpenID sounds very much like what I have in mind... really working version of what I thought of.
The main point is same: Why register everywhere instead of only one place?

It doesn't seem to support much sites though... I guess they did beat my idea with a year or so...
Damn you, Brad Fitzpatrick. He sounds quite stupid too, making this as another free hippie open-source project. Doesn't strike as a trustworthy man too (see photo), maybe he read my thoughts?

Strangely, there's project starting date nowhere to be found?

Ah, back to drawing board then.

[scotch]

The hippy approach is much more likely to gain acceptance on the internet, if any unified authentication platform is. One of the bigger pushes was 7 years ago, with Microsoft's Passport, now LiveID, but few web developers wanted to give any organisation the power over their signups. The point of the OpenID/Yadis/LIT approach is that you don't need to trust anyone in particular, which is how good internet protocols tend to work.

All these systems need browser support though, so it'll be some time before it can be mainstreamed.

Personally I don't think the typical html form sign up is a big problem, it's certainly overused on websites that don't need to identify me at all, but it does provide a very small protection against spammers and lazy trolls, for a one off effort. I predict even if an OpenID style service was used on every website we'd still be given hoops to jump through just to make it less easy. Online businesses would love it though, would make tracking people even easier.

[Raggit]

I agree, this craze of EVERYBODY wanting you to register with them to do ANYTHING online anymore is waaaay out of hand.  It's gotten to the point with me that as soon as I see a site that requires registration, I just leave and go look for alternatives.

Here's my favorite scenario:

You find interesting site with resources you want to access.

Your enthusiasm is severly dampened by finding out you are required to register to use that site and its resources.  Sign up now!  It's FREE!

You give in and click the register button and start filling out the fields, enter your username and email, and hit "Submit."   ....Error.... that username already exists!  Go back.  Repeat signup process with new username.  ....Error....  That email address is already in use! (Either you've signed up before and forgot about it, or you've got things REALLY screwed up, like I've done before.)  Go back.  Repeat signup process using the same username and new password with alternate email.  ....Error....  That username already exists!  That password is already in use!  Go back.  Repeat sign up process with new username and password along the lines of "fuckthisstupidsite."  Thanks for registering!  Go check your email and activate your new account.  Wait for email.  Follow link.  Go back to site and.... Sorry, this feature is available to PREMIUM members only!  Sign up now using PayPal!  Curse profusely and shut computer off.