The behavioral economics of authentication
Password Management Remains an Issue — What’s Next?
These articles cause me to think about the future and how the consumer will ultimately respond to the changes now taking place to how we Log-in to a website. Yesterday, or better said 10 years ago, we all understood that simple User Name password. A single screen with a reasonably consistent user interface. Sometime we might have to put up with two screens, One for the User name and the next for the password.
Today we are being confronted with a variety of methods to authenticate ourselves to the websites we frequent. Many register cookies on your machine and when your told they needs to be deleted, we are confronted with a second or even third layer of security and identity proofing. Often times we are then told to wait for an email sent to some email address we once registered or asked to enter the number we will receive in a text message to a mobile phone number we once registered. Some websites are using one of the various authenticators our mobile phones may now be hosting.
In my case, ignoring the various authenticators I have already deleted, I am using:
- Samsung Pass
- Google Authenticator
- Microsoft Authentication
- Norton Password Vault
- Samsung FIDO Certified “SIDF”, inside my Galaxy 7s phone
- email or text messages with a code I must type in
- Emails with a link as a means of verification
What is clear is there are start-ups and legacy technology companies busy trying to profit from authentication.
My concern is the consumer will be confronted with more and more as everyone claims they have a better widget capable of securing our digital world.
Why not come to consensus on a common approach to authentication?