Note: this page was previously called SimpleDistributedAuthentication but got changed after a discussion with NeilHarris. Neil came up with the name "Watch Me" too... Actually, thinking about this, probably want to call this thing "Kendra Click" or "Kendra Track" as it's all about branding, darlings!
A user has server S1 with all their details in their profile area. So, the user is logged into their S1 . Now when they log into another KendraBase enabled website (call this S2) all they need to do is enter the following:
Server URL : ............. Username : ............. Password : .............
The URL is for S1. If the login details are correct then S1 will pass information to S2 – perhaps asking for a prompt from the user logged into S1. This is not merely form filling because S2 can update the information from S2 periodically or vice versa. And S1 can track what secondary accounts have been opened and cancel/modify them.
It would be a good idea if the user used a different password for S1 (say P1) than used for S2, S3, S4, etc (say P2). So, in their S1 profile they would have 2 passwords: one for local use (P1) and one for external use (P2).
Right, back to basics. The reason why OneClickWatchMe would be cool is that it would, in the absence of drag and drop, but still using just one click, enable users to:
I've already said that the passwords for S1 and S2 could (should?) be different (as they give different access rights). But added to this P2 could be renewed every day or as requested by the user.
Or even why not have S1 just create a cookie every morning (or as requested) that can be viewed by all websites. The cookie would be a standard name that would just direct them to S1. This could be open to lots of spamming but there would be many ways to stop these getting through as there would be less opportunity for things to be faked as with email. And so more accountability would ensue and the world would be a happier place! ;-)