The other day I was buying from an online retailer. Nothing unusual there. However, with Facebook in the news right now I was struck that the site said I could log on with my Facebook account. I have done this before on a number of sites. It’s convenient and stops me creating lots of online accounts that I have to remember. Convenience over security.
So where is Microsoft on this?
If you have implemented a hybrid Office 365 environment you will know that Microsoft offer an enterprise security standard single sign on. Microsoft is a trusted brand in the area of security unlike the Microsoft of 15 years ago that needed a trustworthy computing initiative. In fact you could see the spasms that Facebook is facing today is a new version of the trust gap that hit Microsoft back in the days of Bill Gates.
Microsoft did create “passport” that morphed into the Microsoft Account (MSA). Passport was, in hindsight, another service that was way ahead of it’s time and not really explained to people or promoted. Right now websites and ecommerce ought to all authenticate with MSA and not Facebook. MSA should be the trusted account people rely on for identity management. Perversely few websites do this. You can login with Facebook, Google even Spotify but rarely does MSA appear as an option. Could this be the complexity of implementation? Could it be lack of awareness?
I think it’s the old Microsoft problem of identifying a problem, developing a solution, not publicising it or not making anyone aware of the advantages. Being in the first wave but leaving it to the latecomers to dominate a service that should be Microsoft’s reputational ace in the hole. When people think of online security and ease of use they should think MSA. They actually think Facebook.