Teaser Image

qnoid

Markos Charatzas - London, UK




User identity

The idea of a user identity is a simple one with a goal to eliminate the requirement of a user entering a password. Any other requirement, including storing, transmitting and hashing should stay the same.

Introduction

As soon as a software is installed that supports user identities, a user is presented with a screen to identify.

Introduction

Identify

The user enters her email and a new residence identifier is generated [^1] both securely persisted on the client. On an iPhone that should be the keychain. A request is sent to the server to approve the new residence.

The server sends an email to the user to verify the new residence. Once the residence has been approved, its identifier and the user email are hashed and persisted. This becomes the residence of the user identity which is used for a future identification.

[^1]: The most simple form of the residence identifier can be a [UUID][5].

Identify

Sign in

The now owner of the identity, can use it to sign in remotely to the server and retrieve her data. The user identity along with the residence identifier should be transmitted using a secure channel and compared against the hash stored in the server.

Sign in

Deleting an identity

To delete an identity, slide across on an iPhone.

Delete

The identity is permanently removed from this residence.

Loose ends

  1. In the web, a secure client storage doesn't exist. Discussion