Authentication UX

From MgmtWiki

Revision as of 13:00, 22 November 2020 by Tom (talk | contribs) (→‎Focus on W3C)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Contents

1 Full Title or Meme
2 Context
3 Problems
4 Goals
5 Possible Solutions
- 5.1 Version 2 of ODIC
- 5.2 Focus on W3C
6 References

Full Title or Meme

The successful Authentication schems, like OpenID Connect have been those that provide a good User Experience. Schemes that impeded the user work flow the least.

Context

The major feature of OpenID Connect (OIDC) was its ability to operate on the "Front Channel" so that he user browser context was maintained and the user could get on with the work at hand.
The browser makers are currently completing on which one provides the best privacy considerations. As the security of the user information is increased, it inevitably impedes the flows that worked well for OIDC.

Problems

Especially with Federation Signing, the conn

Goals

At least as good as UX
Improve user Privacy by increasing the security of both user data and user attention.

Possible Solutions

Version 2 of ODIC

Disruptive innovation requires any business to eat their own childern or someone else will come along and do it first.
Front channel communication had a long run, it may be time to look seriously at alternatives.

Focus on W3C

Wether version 2 is started or not, it is important to help the W3C, and the browser folk in particular, to work with OpenID and DIF to create a win-win solution.

References

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Authentication_UX&oldid=8620"