Monday, October 2nd, 2006
Yahoo! Browser-Based Authentication
Yahoo! has released their Browser-Based Authentication system that:
… makes it possible for your applications to use that data (with their permission).
BBAuth also offers a Single Sign-On (SSO) facility so that existing Yahoo! users can use your services without having to complete yet another registration process.
This service is similar to Googles Account Authentication Proxy.
Will you start piggy-backing on these services?
4.1 rating from 13 votes
no. we now have several companies that have reinvented the wheel(YP):
-yahoo
-google
-microsoft(passport/windows live)
me, my org has a pgsql database that holds the generic information for user accounts. we provide a lightweight web-service to allow our affiliates to authenticate users. took 2 days to develop the whole thing, another 7 for system testing.
please get back at me when someone does something new.
regards,
Hi there
It is not really clear to me what the real “bonus” from using such a system is? I mean I know about the positive side for the user (no need for extra registration step).. But what’s the use for me as a site owner? I’d like to collect the user private information in my own database. With Yahoo, Google, MS there would be no possibility to collect that information.
Am I missing something?
Greetings,
Mikhail
Well, you can still ‘re-collect’ whatever you want and tie it to a token, right? Essentially, they’re just saving you the step of having to have every user authenticate uniquely on your webapp. But, why a webservice site, or a new social network site, bind themselves so heavily to ONE of these services I’m not sure. Do we yet need a third party to negotiate authing against the biggest of these? The problem is still fundamentally one of a million profiles on a million social networks with mostly the same information. There are blog posts galore about how sick people are of filling out yet another profile, but I haven’t yet seen anything like an elegant solution to this problem. Anyone seen one?
Doesn’t this seem like a bad idea privacywise? I can see the benefit for the company providing the SSO (google/yahoo/microsoft) because they can track users doing all sorts of things on the web, but it seems like there’s significant drawbacks to the user and the developer.
Also, what if you use this service and then the third party (Google/Yahoo/Microsoft/etc) starts charging for it?
The biggest downside to a business using this is that it you are giving the provider your customer list. Would Flickr have ever done this before Yahoo! bought them?
OpenID needs to hit the big time.
http://openid.net/
or pass.net : http://pass.net/