Monday, July 8, 2013

Is the Password dead? Gotta eat what you kill!

At last year's Cloud Identity Summit in Vail I heard a lot about how the password is dead. I expect to hear a lot more this year.

Most of it fit into one of several categories:

  1. Complaints about why passwords should be dead
    1. In other words all of the various problems with passwords -- and there are
  2. Schemes to have various applications depend on someone else's password
    1. While this is helpful it doesn't kill the password
  3. Schemes for authentication that don't quite apply.

Last year when talking about DMZ's Gunnar Peterson said "You have to eat what you kill." Meaning you have to provide replacement functionality.

As I was recently reminded by a business analyst co-worker you always have to start with the requirements. So let's list what are the requirements for a password replacement? Well we need to consider the requirements from several view points

  1. The consumer end-user
  2. The Business To Consumer (B2C) website developers and admins
  3. The corporate end-user
  4. Those developing apps principally for consumption by corporate users
  5. Corporate IT Security
  6. Legal departments responsible for reducing the liability of #2 and #4

The password killer that best meets the expectations of all of these groups should become the most widely adopted.

So in the next several posts I will explore what each of these view points want in a password killer

Then I plan on evaluating all of the password killers I find against these criteria.

Monday, July 1, 2013

The MVP 7 year itch

This morning I received an email letting me know that for the 7th time (every year since 2007) I have been honored by Microsoft with the Microsoft Most Valuable Professional (MVP) Award. All 7 times I have received the award for my "outstanding contributions in Forefront Identity Manager technical communities" and its predecessors.

In 2007 despite the product rename Identity Lifecycle Manager (ILM) 2007 the MVP award was for Microsoft Identity Integration Server (MIIS) 2003. By 2008 it was changed to ILM, in 2010 it was changed to FIM.

So I have been an MIIS MVP an ILM MVP and a FIM MVP. Entering into my 7th year I am experiencing an itch. I wonder what product name will come next:

  • Microsoft Identity Manager Experience (MIME) That acronym is taken
  • Microsoft Identity Manager (MIM)
  • Microsoft Identity Access Manager (MIAM) pronounced Me-am
  • Microsoft Identity Access Manager Integrator (MIAMI)
  • Microsoft Identity Access Control Engine (MIACE)
  • Microsoft Access Control Engine (MACE) -- great for medieval weapon enthusiasts
  • Microsoft Identity Control Engine (MICE)
  • Windows Active Directory Identity Manager (WADIM) too long
  • Azure Identity Manager (AIM) that one's taken too.
  • Azure Cloud Identity Manager (ACIM)
  • Microsoft Azure Identity Manager (MAIM) Bad acronym
  • Azure Provisioning Engine (APE)
  • Windows Identity Manager (WIM)
  • Windows Identity Manager Program (WIMP) Not strong enough
  • Azure Identity Integration Engine (AIIE)
  • Azure Identity Integration Manager (AIIM)
  • Azure Identity Integration Service (AIIS)
  • Azure Identity Bridge (AIB)

What do you think it will be?