SlashID is a new identity service that promises to solve the problem of having too many credentials for too many websites.
I read some of the details and thought it sounded pretty interesting, so I registered:
SlashID manages your passwords so that your password never leaves your computer. The SlashID doesn’t know your password, and therefore cannot lose or disclose it to anyone.
SlashID never issues assertions, which means that no web sites have to ever rely on us for the authentication of their users. Instead, SlashID helps your browser decrypt your Shared Secret, which is then sent directly to the Website, without disclosing it to SlashID.
As much as I like the concept of what SlashID is doing I have to admit that I didn’t get far in real world experience. The single biggest inhibitor is that when you register you get dropped into the console application where you manage your subscriptions, however, there are no UI cues that guide you through the all important steps that are required to actually be productive with the service.
Secondly, and more significant than the UI issue, is that the service requires that the website or application service build in the SlashID service and only a couple are currently available and integrated today, WordPress being the most recognized brand, but again I had difficulty understanding what I was supposed to do in order to take advantage of this.
I think they way they have thought through the security of this identity service is compelling but it’s too damn hard to be successful with from minute one and that’s a problem. Furthermore, anything that requires developers to integrate the service is going to be a tough rock to push, as has been the case with OpenID.
Tags: SlashID, identity