The reason for that requirement, Mixel co-founder (and former NYTimes.com design director) Khoi Vinh explained, was real names. Vinh wanted to build the Mixel community around real names, not anonymity or pseudonyms. "We think this is essential to the kind of experience we're building: a family-friendly environment that's suitable for just about anyone," he wrote.

At the time, Facebook was pretty much his only option. But that is starting to change. And as proving your online identity becomes more important, it's a valuable race for the players involved to win.

Twitter, too, is a worthy competitor in the online identity race. The company famously doesn't verify real names — mainly for celebrities and brand partners — and it's hard to imagine a time when Twitter would require your real name.

But Twitter does seem to be favoring real names these days: They are now displayed by default — when available — on its website and in its official apps.

Twitter may have other reasons for that — the number of "pretty" usernames without numbers will eventually run out. But Twitter also clearly has interest in serving as an identity tool — its co-founder Jack Dorsey, also a founder of mobile payments company Square, even speaks of using your Twitter account as one way to justify your financial trustworthiness. So if Twitter can serve as a reliable source of your consistent online identity — even if it's not your official, real name — that seems valuable.

Other large companies, such as Apple, Amazon, AT&T, and Verizon, boast tens of millions of real-name accounts, many with credit cards attached to them. That is incredibly valuable to those companies, as it permits frictionless authentication and commerce for new services and devices, such as Apple's App Store and Amazon's ever-growing digital marketplace.

But with high public sensitivity over financial information and the idea of identity theft — plus the competitive advantage of keeping that data in-house — it seems unlikely that Apple, Amazon, or the others would simply open their identity services to developers. So for now, inherently "social" services like Facebook, Google+, Twitter, and LinkedIn — each with many millions of users — seem most useful as web identity-verification services.

This all begs a bigger question, though: Whether real, birth names are actually the best way to identify ourselves in an increasingly digital society.

To varying degrees, governments and financial-type companies mostly require you to have and use a name, as they have for centuries. The digital revolution, however, started within our lifetimes, and may eventually dictate new identity norms. In many online communities, anonymity — or at least the ability to use pseudonyms — is expected and sometimes demanded. If that becomes more common, who knows what offline human naming conventions will look like in a few decades.

Google, for one, recently announced an interesting new policy change for Google+: In addition to real names, it will also start allowing individuals to use consistent, established "alternate names." These range from established offline pseudonyms like Madonna to online nicknames "with a meaningful following." It still seems to prefer real names — see Google's naming policy — but there's some wiggle room now.

For now, it seems the more formal a digital community, the more your real, proper name matters — or at least a provable, consistent alternate. And as long as that's the case, the race to hold, secure, and pass along your identity will be a valuable one.

Facebook COO Sheryl Sandberg, speaking at the DLD conference in Munich this week, attributed the trend "from anonymity to authentic identity" on the Web as one of the main reasons that social media has become such an important part of daily life. "What we do online is increasingly about who we are," she said. "We are our real identities online."

You can be confident that Facebook enjoys its status as the top identity gatekeeper, and is very protective over it — it's worth a lot.

Meanwhile, Mixel — the company that got flack for its Facebook/real-name login requirement — has been integrating Google+ authentication support into its product, and it eventually plans to support the new "alternate" names feature.

"We like what Google+ is doing for alternate names — an 'authenticated' or 'established' name is good for us too," founder Khoi Vinh says.

Photo: Paulo Brandão via Flickr (cc)

Whereas submissions to the PostSecret blog are curated by hand, the app was an experiment allowing any iPhone user to generate secrets instantly and anonymously. Warren says that users shared over 2 million secrets, and that "99%" of them "were in the spirit of PostSecret." The app launched in September, becoming the best-selling app in the U.S. and Canada overnight. It is now gone from the iTunes store, the Android version never arrived, and the PostSecret App website no longer loads.

"The scale of secrets was so large," Warren says, "that even 1% of bad content was overwhelming for our dedicated team of volunteer moderators who worked 24 hours a day 7 days a week removing content that was not just pornographic but also gruesome and at times threatening." In my experience, that 1% figure sounds a bit conservative. The chances of seeing something gross were pretty good on any given night.

Warren says that he had to remove the app from his own daughter's phone weeks ago. Bullies and creeps overloaded the app, and Warren and the moderators were unable to find a solution. At one point, the moderator team tried pre-screening 30,000 secrets a day, but they couldn't stem the tide of unsavory secrets.

Warren calls the now-defunct PostSecret app a "good faith experiment," but it's also an unfortunate lesson in the necessity of curation. It raised the privacy bar for app developers, but it opened up a Pandora's Box of backwardness in doing so. The app was rife with penis pics, vicious attacks and other disturbing messages. It was a valiant attempt to allow millions more to share their secrets, but for now, the PostSecret project will go back to its roots as a hand-curated blog.

Those who paid for the app can take comfort in the fact that their $1.99 supported an organization with good intentions.

Did you use the PostSecret app? What did you think of the experiment? How do you feel about the app shutting down? Share your thoughts in the comments.

The move is an improvement in relevancy of information feeds in social profiles and it demonstrates an intelligent system for delivering information and encouraging interaction on the world's largest social network.

One format is an updates ticker that allows for joining real-time conversations based on customized selection options. The other is a news aggregator, which functions as a newspaper, to keep users informed of the most important events and posts they have missed while they have been away.

The ticker is the most simple and straightforward feature. It makes it very easy for you to select whom you want to receive news from, and how often you want to hear from them.

When those people post updates - and they are selected as someone you want to hear from more frequently - you will immediately be alerted to join the conversation. Less relevant people will not signal as often or immediately.

It's kind of like being able to predict frequency and then assign a value to the number of times your annoying Aunt Betty calls you to tell you again about the neighbor's cats. In this way, you are judging just how close you want to be to Aunt Betty - and her cats - regardless of how close Aunt Betty wants to be to you. It's a subtle move by the engineers at Facebook.

Facebook is also changing its news feed, moving away from the rather clumsy "Most Recent" and "Top News" tags.

Facebook has made it so that if you are one of those people who spends a few weeks away from Facebook at a time, the next time you log on, you will see all the most important things you missed while you were away, arranged like it was a magazine or newspaper, with big pictures and easy to navigate buttons.

The rollouts today bring some solutions that calm the information storm fired up after the company rolled out Subscriptions recently.

Once it became possible to follow anyone (if they enabled the feature), the noise to signal ratio went haywire. Suddenly, it was Aunt Betty updates to the nth power. With this new feature, I can pretty much customize my feed so that everything makes sense, and I am not overwhelmed by noise.

Finally, it appears that a social network with over 750 million users has finally figured out how to act socially.

Image via Facebook.

The idea of broadcasting your darkest secrets across the Internet might sound counter-intuitive, but the app does an amazing job of reassuring users of their privacy and security. Not only has PostSecret built a heartfelt, loving application, it has raised the privacy bar for app developers everywhere.

Keeping a Secret

If you choose to save a list of your secrets on your phone, which you don't have to do, it's password-protected. You can connect to Facebook or Twitter to share links to interesting secrets you discover, but the social settings page reassures you that the services "are never connected in any way to secrets that you submit." The introductory splash screen says that users' identity, location and secrets will never be connected to one another. The app won't even know your name.

The app was designed in partnership with Bonobo Labs, and it takes the familiar iPhone tropes for social photo apps and makes them its own.


An Intimate Experience

The navigation is familiar, but the textures and fonts are dark and soothing. The graphics are a lot to take in at first; the map view is especially hard to navigate and slow to respond. But this app extends the comfortable touch of the barebones Blogger-powered PostSecret website into an intimate touchscreen experience.

Another aspect of the PostSecret project enhanced by the app is commenting. On the weekly blog, Frank Warren, PostSecret's creator, curates some email comments regarding individual secrets and inserts them between images, often setting up interesting - if artificial - dialogues. Now, with the app, readers can engage in threaded discussions on each secret, but comments are posted as their own secrets, with the app's typography and one's own chosen background image.

This app enables people to air their deepest secrets and share them with one another, but it still maintains a safe space.

Update 11/12, 5:50 p.m.: The app's performance can be pretty slow, but Warren says there's an update coming soon. There's also a key feature missing; you can't yet view replies to your own secrets. But Warren reassures us: "We think that is an important feature too, and it will be included in the first update due out this week."

Strength in Sharing Secrets

Warren has published the sites most beautiful secrets in books, and he speaks publicly about the power of the project. According to the blog, within 24 hours of its launch, the PostSecret app became the #1 best-selling App in the U.S. and Canada.

The app is available now in the iTunes store, and an Android version is coming soon.

Do you read PostSecret?

The ACLU wants to know how law enforcement obtains and uses location data from cellphones. Are they contacting the cellular operators directly? Are they issuing warrants to the operators? If so, is the person who owns the location data aware of the warrant? The implications are far reaching. Law enforcement's access to location data affects law-abiding private citizens, not just those involved in criminal activities.

See the map below for the states that the ACLU requested records from.

The ACLU wrote in a blog post:

One's location might reveal "whether he is a weekly church goer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups -- and not just one such fact about a person, but all such facts."Okay," I hear you thinking, "Right, but I'm not a criminal. Why should I care?" Think again. Law enforcement's use of cell phone location data has been widespread for years.

The ACLU notes that senator Ron Wyden (D-Ore) asked the head of the National Security Administration Matthew Olsen whether cellphone location data could be used to track U.S. citizens. Olsen replied: ""There are certain circumstances where that authority may exist."

In spook-speak, that means yes.

Prior Cases & Precedents

There are two main cases that the ACLU points out as dangerous precedents. One is the "Scarecrow Bandits" incident, in which a group robbed 20 banks in the Dallas area in 2008. The FBI wanted to get the cellphone location data of every person who was near a specific bank at the time of the robbery. Another instance was in Michigan when law enforcement wanted the cellphone data of people who planned on organizing a labor protest.

There is also the rising use of digital forensics by law enforcement in the field. Dell makes a portable digital forensics unit that can be used to access the data of any portable or mobile device (laptops, smartphones, tablets etc.). For instance, people could get pulled over and a police officer could scan their phone for who they called last, where they are coming from, where they have been and who is in their contacts list. This is not location-specific but unwarranted use of digital forensics is still a concern for privacy advocates and civil liberties groups.

In more recent history, the prime minister of the United Kingdom David Cameron, wants to ban people from using social media in the aftermath of the London riots. It is imaginable that the British police are attempting to gain location data at this very moment about participants in the riots and looting. People who own a flat above a shop and barricaded themselves inside their apartment might then become suspects based on the location of their cellphones at the time. It is a definite possibility that innocent people could be persecuted because of where their cellphones said they were at a particular time, even if they had nothing to do with nefarious events around them.

In terms of the records request, the ACLU is specifically looking for:

• whether law enforcement agents demonstrate probable cause and obtain a warrant to access cell phone location data;
• statistics on how frequently law enforcement agencies obtain cell phone location data;
• how much money law enforcement agencies spend tracking cell phones and
• other policies and procedures used for acquiring location data.

Senator Wyden and a Republican House representative Jason Chaffezt have introduced bill that would create location privacy protections for citizens against unwarranted snooping from law enforcement and the commercial sector.

We have been in touch with the ACLU of Massachusetts (this reporter is based in Boston and has a history dealing with the ACLU regarding cellphone and law enforcement issues) about obtaining the data that law enforcement hands over in regards to the records request. We want readers of ReadWriteWeb to know how law enforcement is using their data and will share that information if and when we get those records. In the meantime, let us know in the comments your thoughts about law enforcement potential use of cellphone location data. Who is to blame? The devices themselves? Zealous law enforcement? The carriers? The U.S. government for allowing this to happen?

It's no question that social media reputation has become the influencer metric du jour, but we've yet to see an all encompassing platform that isn't gameable. Social stock market site Empire Avenue is certainly no exception.

Founded in Edmonton Canada in late 2009, the site allows users to sync their social media profiles to a Web interface and calculate a personal value and share price. From there you can buy and sell shares in companies and people on a virtual stock market based on the perceived value of their online reputations.

Empire Avenue users earn virtual currency and reputation points in a variety of ways including:

1. by successfully forecasting and buying stock that sees an increase in social value over time;
2. by earning endorsements and recommendations; and perhaps most importantly,
3. by reaching large social media audiences.

But just as Twitter's mainstream debut marked an increase in follower baiting and follower purchases, Empire Avenue's rise in popularity has also lead to an increase in abuses.

Basically you're looking at chatrooms full of virtual collusion and insider trading. For an early-stage startup, this may seem like a great problem to have. It's clear that if users feel the need to cheat your system, then your company is popular enough to matter.

But from a reputation management standpoint, this poses a conundrum. How do you separate the wheat from the chaffe? It's suspicious that super blogger Robert Scoble's social stock price is rivaled by unknowns who've published less that a dozen pieces of popular content in their lives. As a reputation management system, shouldn't your own company strive for trust amongst its users?

If engagement in the form of retweets, comments and Facebook likes are the new measurement for online influencers, then Empire Avenue's intended mechanics make it literal. But in order for any reputation-based community to be meaningful, it needs to mitigate against a land grab mentality and protect itself against unsavory users.

For the company's sake, I hope it's able to tweak its mechanics and correct for this. After all, online reputation startups should know better than anyone that success hinges on whether or not your trustworthiness becomes viral amongst key audiences.

]]> Discuss]]> http://www.readwriteweb.com/archives/reputation_management_services_should_practice_what_they_preach.php http://www.readwriteweb.com/archives/reputation_management_services_should_practice_what_they_preach.php Digital Lifestyle Tue, 26 Apr 2011 15:00:00 -0800 Dana Oshiro

As the creator of one of the Internet's most base, vile and creative websites, 4chan founder Chris Poole knows a little bit about the effects of user identity on user behavior. 4chan, a completely anonymous, real-time message forum, is the birthplace of many an Internet meme and user identity, or the lack thereof, can play a big part in this.

Poole spoke about the collaborative, creative process today in his keynote address at SXSW in Austin, Texas, spending some time on the topic of identity and authenticity. In this horserace, Poole unsurprisingly comes out on the side of anonymity.

Some, such as blogger Robert Scoble, argue that linking comments to Facebook identity increases authenticity, not only by adding context to what people say, but also that people cannot anonymously pose as other people. Poole, at least when speaking of authenticity in terms of creativity, appears to take quite the opposite position.

"Anonymity is authenticity," said Poole. "It allows you to share in an unvarnished, unfiltered, raw and real way. We believe in content over creator."

Of course, when we speak of 4chan, we're talking about a collection of memes and creations that few bloggers or publishers would want to grace their comments section. 

Poole argued that identity can stifle content creators (whether commenters or otherwise) because of what's at stake.

"The cost of failure is really high when you're contributing as yourself," said Poole. "To fail in an environment where you're contributing with your real name is costly."

On this point, Scoble had a very different opinion when he wrote last week. "REAL change comes from people putting their necks on the line. I couldn't remember a time when an anonymous person really enacted change in, well, anything. It's why I sign my name to everything, even stuff that could get me fired," wrote Scoble.

What do you think - do you want Poole's version of authenticity? Will anonymity always lead to the variety of creativity we see on 4chan? Or is anonymity a necessary party of true honesty and authenticity?

Last week, a new toolbar began appearing on Google for user and some took it as evidence of the ever-elusive "Google +1" or "Google Me" social network. Today, Google explained the appearance of this part of the bar as a simple method for users to keep track of what identity they're using as they browse online and use Google services.

In a blog post entitled "The freedom to be who you want to be..." the company explains that the toolbar help ensure users "know exactly what mode they're in when using Google's services."

We've been thinking about the different ways people choose to identify themselves (or not) when they're using Google--in particular how identification can be helpful or even necessary for certain services, while optional or unnecessary for others. Attribution can be very important, but pseudonyms and anonymity are also an established part of many cultures -- for good reason.

When it comes to Google services, we support three types of use: unidentified, pseudonymous and identified. And each mode has its own particular user benefits.

Whitten explains that unidentified is not fully anonymous, but rather tracked by IP. Nonetheless, Google doesn't "link that information to an individual account when you are logged out." Pseudonymous allows users a consistent identity, but "one that is not linked to their offline self." Identified is just that. It's for times when "you want to share information with people and have them know who you really are."

"Equally as important as giving users the freedom to be who they want to be is ensuring they know exactly what mode they're in when using Google's services," writes Whitten. "So recently we updated the top navigation bar on many of our Google services to make this even clearer. In the upper right hand corner of these Google pages, you will see an indicator of which account, if any, you are signed into. "

Could this be a step in the direction of the so-called "Google +1"? If, by that, we mean a social layer in Google, then certainly identity has something to do with a "social layer." Beyond that, it seems like a responsible move by the Big G to make sure users realize how the actions they're taking could be connected to their Google identity.

Over the last year, Facebook has become increasingly dominant in terms of being used as the user identity and login on third-party sites. Last summer, we reported that Facebook had dominated as the third-party login of choice, surpassing sites like Twitter, Google and Yahoo in all realms but one - news. News sites saw users logging in almost twice as often using Twitter.

Now, it looks like another site is gaining ground in another realm. Career-centric social network LinkedIn is growing as the login of choice for business-to-business (B2B) sites, proving once again that users prefer certain identities for certain online activities.

"LinkedIn has a strong case that a single social graph through Facebook is not sufficient," said Peterson. "Professionals want to apply different profile data to business oriented sites and share that content with a different group of people than their FB friends."

So, if you're thinking of taking  your site the way of eHow and forsaking all other logins for the one, true Facebook login, you might want to take a gander at the following graphic and see where your visitors lie. Maybe you should be working on that LinkedIn presence a bit more and Facebook a bit less.

The new tool, called simply Registration Tool, is both simpler and more powerful than Facebook Connect. It works as a pre-populated iFrame for logged-in Facebook users, allows site owners to ask for fields of information not offered by Facebook and can be used to register people who do not have Facebook accounts. All under the watchful eye of Facebook, a company that leads the world in online identity and specializes in user data security. It's a very smart move, but raises questions about the company's growing power.

I'm not here to criticize Gawker. On the contrary, I'd like to thank them for illustrating in broad, bold relief the dirty truth about website passwords: we're all better off without them. If you'd like to see a future web free of Gawker style password compromises -- stop trusting every random internet site with a unique username and password! Demand that they allow you to use your internet driver's license -- that is, your existing Twitter, Facebook, Google, or OpenID credentials -- to log into their website.

That's exactly what the new Facebook Registration tool will make it easy for websites to do. In some cases, with a single line of code.

More Data for Facebook

Facebook is gobbling up user data left and right, that's the price for the power, convenience and security the company's identity services offer. Facebook said earlier this month that ten thousand sites are adding Facebook Connect every day. Peter Kafka reports today at All Things D that Facebook execs at the highest levels are out visiting major media companies like Time Warner and Verizon, trying to convince them to institute Facebook as the user registration and login system across their properties, too.

This new service will undoubtedly make Facebook the defacto registration service for countless more websites. Even people who don't have Facebook accounts will be able to register for websites using this tool - and perform that registration through Facebook.

What does all this mean? It almost feels futile to argue against the growth of Facebook as identity provider across the web. The company is just so good at powering this important feature. Individual websites don't want to mess around with it.

But with great power, comes great responsibility. Right? Facebook is already the world's greatest living census, filled with data about our lives, interests, social connections and activities. Imagine that data being made available for analysis - what an incredible opportunity for social self-awareness it would provide. Imagine that data cross-referenced with other data sets; each new permutation might shed new light on an opportunity for economic growth, on a social injustice that needs to be remedied or on something simply good for us to know about ourselves.

I've been calling for that to happen for years - right up to the point of a one on one conversation about the importance of aggregate user data analysis with Mark Zuckerberg at Facebook headquarters.

My favorite example of how aggregate data can change the world: it was when US census data and bank mortgage loan data were first made available for computer analysis that a historical pattern of discriminatory lending keeping families of color out of key neighborhoods in major US cities was discovered. Real estate red-lining, as it is called, was illuminated by aggregate data analysis. Comparable issues are sure to be hidden in the huge trove of data about how we live our lives on Facebook.

Now more voices are calling for the same thing. In this month alone so far, writers at Slate, The Atlantic and Forbes all called on Facebook to open up its data to outside researchers.

Cliff Kuang, designer and contributor to Fast Company, Wired and more, wrote yesterday about Facebook's new graph of user friend connections around the world and year-end list of trending topics:

"But what really boggles the mind is why Facebook isn't doing more work like this with its data, or least letting a select few use it -- the company possesses the greatest catalog of human life ever created. It's no wonder that social scientists dream of getting just a fraction of that data, to study everything from how social connections are related to job markets, to disease transmission across city borders. After all, Facebook users are the ones who've provided this data. Shouldn't we be getting more out of it than the Top Status Trends of the Year?"

Web 2.0 grandaddy Tim O'Reilly agreed on Twitter, saying, "He's right. Facebook should do more with this data."

Facebook should do more with this data, especially if it's going to insist on gobbling up more and more of it all over the web. That's the least it could do to share some of the wealth, our data wealth, that it's compiling. Otherwise it will be hard to think of the company as something other than a big hungry monster.

According to a Gartner survey earlier this year, enterprise managers see identity management as a top business priority. That would lead to the conclusion that enterprise operations are considering a variety of identity management options.

Emerging is a growing interest in social identity as a means for employees to sign into external applications.

More so than ever before, companies are using social technologies for a variety of purposes - such as using Facebook as a customer service environment. Social identity serves as a way to manage all the various sites where people connect as part of their work.

Two examples include Facebook for Websites and Twitter, which uses OAuth, to verify the identity of the user. We are in the early stages but Facebook pages are pretty common so you can see why an enterprise may use it for employees to connect with third-party sites.

There's another reason why social identity may have a lasting future. Federated identity has really not been adopted, leaving an opening for services with a social component.

It's not that OpenID is going nowhere: Google Apps uses OpenID; it has been adopted to some extent by the federal government. But it is not nearly as popular as Facebook or Twitter.

But, still, these are very early days. And the issues are numerous.

Dion Hinchcliffe wrote on the topic earlier this year:

"Instead, off-premises SaaS and cloud computing offerings are offering basic synchronization with LDAP and other corporate identity repositories. Also becoming more and more important is identity authenticity (which Twitter tried to address with Verified Accounts). Watch for a raft of social identity issues to accumulate and for new enterprise open identity solutions to attempt to address them as our identities on the Social Web increasingly compete and conflict with our enterprise identities."

Organizations are a long way from adopting social identity systems. OAuth 2.0 represents a first step as it automatically connects services. But there are other options, too.

Over the past several months I've had conversations with Eve Maler, one of the most authoritative voices about identity management. Eve is the chairman of the User Management Access Project Workgroup (UMA). UMA is proposal-as-a-service that would act as an intermediary platform for managing identities across social networks, SaaS providers and other services that the individual is responsible for managing. It gives more control to the user, who provides consent through the service.

Phil Hunt writes:

"Where in the typical OAuth 2 deployment, user authorization and resource owner authorization are combined, UMA instead separates the processing of a user's consent, from authorizing access by the resource owner (e.g. Flickr)."

Aside from the benefits Eve describes, here are a couple more things I like about the UMA proposal.

• UMA recognizes that user information exists in many places on the Internet, and not just at a single IDP/OPs etc.
• It supports a federated (multi-domain) model for user authorization not possible with current enterprise policy systems.
• It's a great way to separate the issue of user consent away from the resource owner's access control policy.
• It becomes possible to handle consent when individuals are offline.

Maler made the following point in response to Hunt:

"In the enterprise, an externalized policy decision point represents classic access management architecture, but in today's Web it's foreign. UMA combines both worlds with the trick of letting Alice craft her own access authorization policies, at an AM she chooses. She's the one likeliest to know which resources of hers are sensitive, which people and services she'd like to share access with, and what's acceptable to do with that access. With a single hub for setting all this up, she can reuse policies across resource servers and get a global view of her entire access landscape. And with an always-on service executing her wishes, in many cases she can even be offline when an access requester comes knocking. In the process, as Phil observes, UMA "supports a federated (multi-domain) model for user authorization not possible with current enterprise policy systems."

Social identity makes sense for its ease of use. It fits with trends we see in the enterprise. The big question is trust and the implementation of infrastructures that provide a secure and simple way to identify the individual on the network.

In all, UMA may be a better answer for unified identity control across the enterprise and the Web.

Will making it easier for Yahoo users to sign in to Google - a direct competitor - draw users away from the portal, search and mail provider, or will it help create an overall better user experience? According to Yahoo, making a process that users were already engaged in simpler will provide a better user experience and keep them interested in one of its most solid products - Yahoo Mail.

"People have been asking FOREVER when are the big web portals actually going to accept other people's OpenIDs. This a significant step by Google to become a relying party," Hamlin told us today.

Scott Kveton, co-founder of the OpenID Foundation, agreed that it was "a big step forward for making OpenID that much easier to use".

"Making it easier to have Google and Yahoo work together is great for Google," said Kveton, but he questioned the advantage for Yahoo. He noted that "making it easier to on-board users into Google via their email accounts means being able to suck in the social graph."

We asked Eran Hammer-Lahav, an Open Web advocate for Yahoo, about the feature, and he told us that it had been in some form of discussion for over two years and would provide a better user experience for Yahoo's users.

"We don't try to lock our users in any way," said Hammer-Lahav. "We want them to have a better Web experience no matter what site they are on, just by being a Yahoo user. Yahoo is not in the business of locking users to only use its services, especially when the Web is getting so much more distributed and social."

Hammer-Lahav told us that Yahoo believes its mail product is strong enough to keep users happy (and loyal), as evidenced by when Yahoo was one of the first email providers to provide address book mobility. When we asked if Yahoo would be offering the same sort of feature, he explained that there weren't many Yahoo products that required email sign-ins, but the company is adding OpenID support for activities like adding comments, which do require full account sign-ins. In this case, Google added this functionality, he explained, because Yahoo email account holders make up a large percentage of the email market and those trying to create Google accounts.

In the end, that may be just it - the simple fact that users will be drawn to Google's growing arsenal of Web tools, from Google Docs to Voice to AdWords, and it's better to keep what business you can rather than have your users abandon your product completely.

The unveiling comes a week after Facebook fired a big shot across the web, staking a claim as the dominant provider of one-click portable identity. These two technologies seem aimed right at each other and engineers at both companies have no doubt been following each others' work closely.

Account Manager is currently available as an experimental plug-in, primarily for developers to test with, but project leaders say they "are looking to ship this feature as soon as possible in Firefox."

Mozilla's Dan Mills says "the final feature will almost certainly not look like this - it's just to give you an idea." But it certainly does look exciting. A feature like this would make new account creation super fast, it would eliminate the need to remember your passwords and it would make it safer to use web apps. That could be just the beginning, too: identity is more than just a username and password. There's no reason why you shouldn't be able to carry all kinds of payload with you (tastes, contact info, etc.) when you navigate the web with your browser.

Hopefully Chrome will institute support for this same code quickly. The browser is a very logical place to transport log-in info. "The browser also has deep knowledge about the user," says Mozilla. "For example, the browser could implement fast user switching with just a click. Or think about picking a username: the browser can look at usernames for other accounts and make some pretty good guesses about what usernames are preferred."

The ability to easily manage multiple identities is big, too. That's something that Facebook doesn't offer, but it's important when it comes to choice, freedom and privacy.

Challenging Facebook

One year ago we wrote that the most viable challenger to Facebook's fast growing domination of the web could be Firefox, not another social network. Firefox had more users at the time (270 million vs Facebook's then 200 million), but Facebook has doubled its user numbers in the last year alone.

Facebook launched a jaw dropping number and scope of new portable identity technologies last week.

Here's what we wrote a year ago about these two companies going head to head.

Why compare user numbers between a browser and a social network? Because there's every reason to believe that the two technologies are converging in the near term future. ...

Though we may not be sure about his prediction that Google will act before Firefox, we think Forrester's Jeremiah Owyang offers a very compelling vision of the future of browsers and social networks in his excellent report The Future of the Social Web.

'... in a bid to extend the reach of its new browser, Chrome, we expect Google to build OpenID and its associated friend connections into the browser; look for Firefox and eventually Internet Explorer to copy this feature. Facebook and MySpace will also likely build a way for users to surf the Web within the Facebook experience, retaining the social functionality. These connections won't be perfect, but they'll allow social networks to colonize communities and other parts of the Web, extending their experience out to other sites through the shared ID. As a result, in two years, portable identities will become a ubiquitous part of the online experience as they reach maturity.'

It's only logical to extrapolate from that analysis that the line between browsers and social networks will become much less clear and the two types of software will very likely compete with each other."

Click here to read the rest of our analysis of things changing about Firefox that point towards its importance in the world of online identity.

Who do you want to carry your identity around the web for you? How about a nice open source browser, built on open standards, supporting multiple identities and strong security? That sounds better to me than putting Facebook in charge. Despite all Facebook does for hundreds of millions of people, putting our entire portable identity into one company's hands is just too dangerous. Of course if it's quick and easy browser-level identity you want, don't forget about the "Facebook browser" called RockMelt that Netscape founder Marc Andreessen is backing and that we broke the news about last Summer. Last we heard, that super stealthy company was still hiring.

Let's see some more competition on the browser level! This time with portable data and a world of web applications at the heart of the battle.

"It might be the only truly free--albeit not the only priceless--object in our collection," Paola Antonelli, Senior Curator, Department of Architecture and Design, wrote this morning. Why add such an artifact to the collection? Antonelli's explanation is quite artful itself. For social web users, though, the meaning of the symbol is more contentious than the Museum has acknowledged. Isn't good art generally the subject of controversy?

"The appropriation and reuse of a pre-existing, even ancient symbol--a symbol already available on the keyboard yet vastly underutilized, a ligature meant to resolve a functional issue (excessively long and convoluted programming language) brought on by a revolutionary technological innovation (the Internet)--is by all means an act of design of extraordinary elegance and economy."

Discussion of the @ symbol around the web today has focused on its widespread use in email addresses, but how do you use it most often each day? If you're like us, your use of the symbol on Twitter and Facebook is becoming increasingly common.

That might seem a minor matter, but in fact the changing use of the @ could be a symbol itself for a larger battle over identity on the internet. Twitter and especially Facebook are jostling to become the primary providers of our identities online. When we address each other as @myfriend - these days that's an in-network message that assumes we all use the same identity host. That's very different from myfriend@identityhost.com.

It's about monopoly, competition, innovation, control, freedom and interoperability. @ may be a work of art, but it's also an important point of contention for the future.

See also: Email as Identity: Google Turns on Webfinger and Not Everyone Is Exited About Facebook Vanity URLs

Just when you thought the Identity game was over and Facebook or Twitter had won, now you can welcome 55 million more docomo customers onto the OpenID side of the contest.

OpenID is an open source and open standards system of Identity that allows users to log-in to any OpenID supporting website with the account they've already created through a trusted identity provider. The system makes it easy for users to start using new sites with just a few clicks, easy for them to take their profile and friend data with them from site to site and easy for websites to offer personalized service immediately, based on the data an OpenID user brings in with them from their cross-service identity provider. Though ease of login has been the primary use to date, identity and payload as web-wide development platform is the long-term promise of OpenID.

It's an intriguing paradigm that has had mixed success to date, limited primarily by design and User Experience challenges. The entry of Japan's largest telco into the OpenID ecosystem could help propel OpenID forward, but many other large companies have gotten as far as offering outbound OpenID and then ceased active engagement with the protocol.

We've got our fingers crossed, though, for the success of a portable identity system that isn't owned by one single provider like Facebook. Facebook's Connect system of identity does offer a good perspective, though, on what's possible in every way but independent ownership.