Single sign-in gains ground

There seems to be a persisting problem: how to remember the passwords to all the websites you use and that require you to login? For myself, I chose to use a password manager and have just one password to remember. It’s complicated, but it’s just one, so I make sure I know it in my sleep and I’m very careful when I use it. As far as I am concerned – that is the ideal solution to that problem.

The thing I have a problem with is the signing up process for each of these sites. It is a tedious job that I would prefer to skip whenever it is possible. Since I am definitely not alone in feeling this way, Google, Facebook, Yahoo and other major online players started using a technique called hybrid onboarding.

How does it work? There is an explanation on Google’s official blog: for example, you receive an invitation to use Plaxo or Facebook on your Gmail account. You won’t have to go through the sign-in process and create a new account – your Google ID will serve also as the login combination to these services:

After allowing Plaxo access to some information from your Google account, you are directed to Plaxo directly to the last step of the registration process:

Another good thing about this whole scheme is that your login combination is verified by Google – the other services have nothing to do with it. This means that your password is used altogether less and in fewer places, so the possibility of someone misusing is lesser.

Actually, the concept is rather similar to the OpenID Foundation initiative. The idea behind it is that your password is only given to your identity provider, and that provider then confirms your identity to the websites you visit. But, since the OpenID login still hasn’t seen a wide enough adoption rate to be genuinely useful, this must be the answer for the time being.