Tuesday, November 23, 2010

Sticky Logins

One of my biggest issues with the web today is authentication. OAuth and OpenID aside for a moment (both of which are cool), the iPhone app model has largely gotten authentication right. I'd like to see user expectations around mobile app login, carry through to desktop browsing as well. When I login to an application on my iPhone I rarely ever have to login to it again (I don't care how insecure that reality is; I DO care about wasting time trying to login) which is bliss.

Conversely, when I use a web browser on my desktop, I have to login dozens of times everyday. I have to maintain and understand a dozen different username/password pairs and play login Tetris in an attempt to login to the various services I use each day. What a drain on me, and on society at large! "Remember me" checkboxes never work (due to poor cookie creating/handling policies on the part of the app provider (you can't blame the browser here, it's your fault; read the spec)).

I'm not an iPhone app developer so I don't know why this "just works" in native iPhone app-land, but it does. I'd appreciate some of that login love being shared into the web app space at large.

In the olden days the argument around login caching revolved around generalized "kiosk" browser scenarios wherein a browser would be shared by lots of people. That model died, and now everyone has their own computer (for the most part), so you can't argue that a mobile device has a 1-to-1 relationship with its user as effectively as you once could. Even if you do, I'd argue to carry that 1-to-1 relationship over to other devices via some other means (biometrics, use the camera in the machine to recognize me, I don't care)

(yup, I had to login to blogger.com to write this post)

No comments: