In my last post I was exercising my search engine choice for kicks. Choosing a search engine is easy, you type in the URL and get directed to the home page of your favourite search engine's site. If you prefer one and want it to be your default search engine, Firefox has a handy pull down menu where you can manage your search engines and set your engine of choice.
This is just one of the many ways that Firefox, and Mozilla, promote choice. Another way we do it is by providing the world's best browser in over 70 languages, and on multiple platforms. We give users the choice of a browser that is built with them in mind. For security, accessibility, and extensibility users can count on Mozilla's Firefox to be doing its best to improve the areas that make the open web work.
The Microsoft Browser Ballot screen has started to roll out this week and there are people who are most likely not expecting, nor informed about what it means to make a choice as it relates to the web browser. It's important that we not forget that many people don't know what a web browser is.
I recently posted about how I suspect the design of the ballot screen will scare away people before they even get a chance to make a choice. For those that make it to the second screen (where you are presented with the 5 top browsers by market share) there is another obstacle: lack of information. The screen doesn't tell you why choosing your browser is important. It doesn't tell you which browsers are more secure, which ones work with screen readers, which ones can be extended to add custom functionality. These are important factors in making a choice. Otherwise "choice" is really "pick the pretty logo and see what happens". Or perhaps "choice" is "stay with what you know, cause change is scary".
Which web browser you use may seem trivial thing at first but when you look under the hood - it matters that your know the browser you choose will work with your assistive technology. It matters that your identity is safe, that a site's legitimacy is explorable before you make an online purchase, and that you can customize your web browser to maximize your efficiency. I've had several academics tell me they rely on Firefox add-ons to help them cite, bookmark, and make notes in the browser as they prepare class materials. Your browser can make viewing the web a comfortable, seamless, and efficient experience. Don't you want to have the information to help you make the choice that's best for you?
I hope that John Lily's letter, and other blog posts in the coming weeks will reach a wide audience and help supplement the lack of information that the ballot screen contains. Just as it would be odd to let a stranger pick your car out for you - with no information about your driving habits, family size, gas budget, style preferences - you should try as much as possible to make an informed choice about the tools you use on your computer to do your work and live your digital life.
It really does matter. Have fun exploring your options.
Showing posts with label security. Show all posts
Showing posts with label security. Show all posts
Tuesday, February 23, 2010
Sunday, March 15, 2009
No More Passwords Please
This is the tentative title for my upcoming white paper, which is the major deliverable for the btr820 course on Research Methodologies and Writing. I'm excited to be doing this paper because a) I love writing and b) I'm looking forward to learning more about my topic which is essentially looking at solutions for the future of authentication on the web.
As users of web sites and applications, we are now subject to having to authenticate ourselves multiple times a day - I read somewhere than an average is 13 but for some of us who spend more time online it's probably twice that. Having your passwords remembered for you by the site or by your browser helps, but that is not a great solution for folks who are on multiple computers. Besides our passwords aren't even that safe to begin with (my bank won't let me use more than alpha numeric characters) and some sites make you change them regularly for extra security (a lie) and so as users we are caught up in a game of constantly trying to stay on top of the latest password for which site and please stop the web now, I want to get off.
What I want to look at is open, decentralized authentication identifiers that go beyond passwords with regards to actual security, that could be in your browser itself, and that would move with you easily no matter what computer you are on.
So I have some questions.
What are the implications of a web browser incorporating an open authentication protocol out of the box where the identifier is the browser itself?
What other options are coming down the pipe in terms of built-in browser features that help users deal with authentication? Is there something better than a decentralized open authentication protocol?
Do browser providers have to stay neutral and leave it up to web application providers to decide how users authenticate on the web or can they step in and lead the charge towards a certain protocol and influence sites instead?
While Weave is an excellent way of syncing your profile across various computers - is it really scalable? What other options are there for having an easy, portable profile which would be able to contain your identity as you move between computers, countries, even to your mobile device?
Thanks for reading this, I look forward to your thoughts on this issue.
As users of web sites and applications, we are now subject to having to authenticate ourselves multiple times a day - I read somewhere than an average is 13 but for some of us who spend more time online it's probably twice that. Having your passwords remembered for you by the site or by your browser helps, but that is not a great solution for folks who are on multiple computers. Besides our passwords aren't even that safe to begin with (my bank won't let me use more than alpha numeric characters) and some sites make you change them regularly for extra security (a lie) and so as users we are caught up in a game of constantly trying to stay on top of the latest password for which site and please stop the web now, I want to get off.
What I want to look at is open, decentralized authentication identifiers that go beyond passwords with regards to actual security, that could be in your browser itself, and that would move with you easily no matter what computer you are on.
So I have some questions.
What are the implications of a web browser incorporating an open authentication protocol out of the box where the identifier is the browser itself?
What other options are coming down the pipe in terms of built-in browser features that help users deal with authentication? Is there something better than a decentralized open authentication protocol?
Do browser providers have to stay neutral and leave it up to web application providers to decide how users authenticate on the web or can they step in and lead the charge towards a certain protocol and influence sites instead?
While Weave is an excellent way of syncing your profile across various computers - is it really scalable? What other options are there for having an easy, portable profile which would be able to contain your identity as you move between computers, countries, even to your mobile device?
Thanks for reading this, I look forward to your thoughts on this issue.
Subscribe to:
Posts (Atom)