Select Page

Government Cybersecurity Initiative for a Universal Internet ID

Government Cybersecurity Initiative for a Universal Internet ID

The U.S. Commerce Department has been handed the authority from the Whitehouse to create an Internet ID for Americans as one of the latest efforts in Cybersecurity policy.  The idea is that everyone would have one secure login to access many services online to increase security and privacy and reduce the need to remember numerous passwords.The idea of a central login is not new.  There have been several attempts over the years by different organizations to implement something similar, anyone remember Microsoft Passport?  In recent years companies like Google have implemented a single sign-on for all their services.  The OpenID, which is an open standard to authenticate users across different websites has also gained ground in recent years, however it is not without its critics.  In a recent episode of .Net Rocks, Rob Conery discusses why he has stopped using OpenID due to problems outlined in his blog post, OpenID is a Nightmare, including authentication issues and working with the specification.  One major concern with any single sign-on approach is the possibility of those credentials getting into the wrong hands with the potential of all online accounts being compromised.

Along with the existing fears of a single login, many are worried about the government managing their usernames and passwords.   CNET reported on the event at Stanford Institute for Economic Policy Research where US Commerce Secretary Gary Locke stated, “We are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities.”  It was also made clear that users will not be forced to sign up for the new Internet ID, this will be completely optional and that the project would be managed by the private sector.

Many of us use the same password for multiple websites currently, which is often frowned upon by security specialists, so perhaps the move to a single login could be a positive one.  Until more details are shared concerning the new ‘Internet ID’ it will be difficult to determine whether it will become a long term success for increased security and convenience, or if it will have a similar fate to Microsoft’s Passport.

Related Articles

Series NavigationMalicious Code Intrusion >>

About The Author

Ian Carnaghan

I am a software developer and online educator who likes to keep up with all the latest in technology. I also manage cloud infrastructure, continuous monitoring, DevOps processes, security, and continuous integration and deployment. In my spare time I teach undergraduate classes in web development.

3 Comments

  1. Jordan Muse

    Alright, I believe this to be a relatively good idea, for convenience sake more than privacy. However, I do not believe it should be a task handled by the government, or any government. Maybe by a unique party, or a conglomerate of business such as say Google, AOL, Yahoo, Microsoft, Apple, and so forth.

    Reply
  2. Ian Carnaghan

    Jordan, thanks for your comment. I also do not believe this should be handled solely by the government. Even though in the CNET article they are stressing the private sector to take the lead in implementing this, I don’t think I am fully on board with one ID for everything. I might change my mind in the future, but unless I see something like this work well over time and it proves to be secure, I will not be in a hurry to sign up.

    Reply

Trackbacks/Pingbacks

  1. Tweets that mention Government Cybersecurity Initiative for a Universal Internet ID -- Topsy.com - [...] This post was mentioned on Twitter by WEBLIGHT WEB DESIGN. WEBLIGHT WEB DESIGN said: Government Cybersecurity Initiative for a…

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.