Those who work in the IT industry know that many of today??™s
accepted practices are in fact pretty baroque hacks. Despite all
the talk about enterprise application integration ?¬?rst, and
service-oriented architectures later, swivel chair is still the preferred
integration technique in a surprising number of companies.
Mitigating the lack of a standard place for username and
password in today??™s Internet protocols would not require anything
uglier than previously described. Unfortunately username
and password just won??™t get the job done. The section
???Passwords: Ascent and Decline??? already provided some solid
rationale for why passwords are not a good idea, but we are
now ready to understand deeper, systemic reasons for why we
need another solution.
In fact, the key reason is astonishingly simple: Username and
passwords are not your identity.
For a service or a website, a username is just a moniker for
something that is already there: your registration data, the details
of the service contract to which you subscribed, the settings you
chose, the operations you can perform, and so on. If those facts
are not directly there, they are still indirectly represented by the
business rules that will be applied to you once you sign in and
use the application.
Pages:
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111