Tulsa, Oklahoma based authentication service Vidoop announced today that it has hired Scott Kveton, Chair of the OpenID Foundation, to be the company's VP of Open Platforms and the Director of the company's new West Coast office in Portland, Oregon. With the move Kveton ends a short run at the heavily funded and very interesting MyStrands recommendation service, a development that raises some questions about that otherwise strong looking operation.
The addition of Kveton to its staff should push Vidoop into the public consciousness in a big way, concerning OpenID and open platforms.
Kveton is a force to reckon with and an outspoken advocate for Open Platforms. He was a co-founder of the Open Source Lab at OSU, a research facility that's provided hosting for a long list of Open Source projects ranging from Mozilla to the Linux Kernel. He was also the CEO of JanRain, a leading OpenID vendor, and now chairs the OpenID Foundation.
For readers interested in learning more about OpenID and related data portability matters, Kveton did an excellent interview on Phil Windley's Technometria last month that will satisfy both the uninitiated and the already involved.
Vidoop asks users to select a handful of topical categories which are then used to populate images in a square of largely random tiled images. See the example below. If when creating your account with Vidoop you said you like pictures of dogs, birds and board games - then you and only you would know to pick out the letters embedded in the handful of images in a grid presented at login that happen to contain dogs, birds and board games. Some of those images will include advertisements! In other words, Vidoop has found a way to monetize OpenID authentication - and they are doing it live with a handful of major corporate customers already. See the sample below. It's much easier used than explained, by me at least.
It's strangely fascinating and I'm not sure how happy I am about the advertisements sneaking their way into my consciousness as I look closely for puppy pictures. That said, we here at RWW have puppy pictures hidden inside our ads on site too (look!) so who am I to criticize?
Readers interested in comparing various OpenID providers should see the vendor comparison chart at SpreadOpenID.org.
Comments
Subscribe to comments for this post OR Subscribe to comments for all Read/WriteWeb posts
I can not see how this is more secure then a password, its easy for me to type my password without someone next to me seeing what it is, where as if there is a picture there and someone can easily see what pictures there are and what keys I press - it wont take them long to be able to breach security. (most users are very familiar and can type their password quickly using both hands, this approach will requiring pressing single keys rather then typing entire words)
Also someone can look at my browser cache of images and it wouldn't be hard for them to group the images together so that they get several group of 12 images, remove the ad and there is 11 images - look for a common theme (ie dogs, birds and board games in this sample) (as I am presuming that the other 8 images are random) and then they know my access features.
Also having to download 12 images will make it slower to load the page which makes it a small additional barrier to entry for getting users to sign up.
Yes - it is an interesting concept but I will be interested to see how the mass users handle it.
Thanks
Steve
Posted by: Stephen Kelly | February 6, 2008 10:05 AMYou know, genius, that the multi-billion dollar business(about 105 billion in 2007) of cyber crime doesn't really involve having the mofo next to you peek over your shoulder and see what keystrokes your are entering...Its more like a room in Bangladesh(no prejudice here, just the first foreign country that popped in my head :) that is running tons of malicious software that is gathering your keystrokes from half way across the world or some douche sitting outside the coffee shop in his truck(if you want to relate closer to home) hacking the wifi and watching everything you do as a proxy so while you are leaning close to your keyboard protecting it like its a plate of food and you just got out of prison the real problem is coming from with in the computer/web. Im an advocate of vidoop and openID...Hacker steals keystrokes, doesn't matter because you get a new 3-5 digit login each time you see the grid, if he knows my images, he cant see the grid without my cell phone because his computer is not activated, and if he does manage to use my computer or steal the cookie, ill get a text letting me know i just logged in, and in knowing I didn't i will deactivate the computer he is on from my phone. Its not perfect, but the closest thing out there to it.
Posted by: Instigator | February 6, 2008 2:57 PM