Managing Credentials on the Web

January 19, 2011 at 11:19 pm | Posted in Cyber Security, Identity Management | 1 Comment

I enjoyed reading a good natured rant about the vagaries of managing your identity online on the Des Res blog the other week.  If, like me, you work for a large organisation, you’ll probably be obliged to follow strict rules on selecting a password for access to corporate systems.  If, again like me, you use a lot of websites that require you to select credentials for logging in, you may struggle to manage a large (and constantly growing) set of strong passwords without writing them down.  In these circumstances, it’s very tempting to re-use the strong password for your work systems for other purposes.

Identity 2.0

Identity 2.0 or digital identity has long promised to solve these problems in a world where a user can potentially have one online identity, with a pre-certified proof which is submitted when required for authentication.  This model is represented by Microsoft’s Cardspace and the open source Higgins project, but has been slow to gain momentum.  However, in recent years, a number of the larger IAM vendors, starting with CA Technologies, have added support for these technologies to their Web Access Management products.

Multiple Identities Online

Of course, being able to use a single identity and set of credentials for all your online activities is a real “good news/bad news” story.  The convenience of managing a single set of credentials comes at a price:  it’s quite conceivable that your visits to different websites could be aggregated and correlated, to build a far more comprehensive (and revealing) picture of your online activity than you might feel comfortable with.  It’s also true to say that not all web sites we visit (and register for) justify the same level of strength in authenticating our identity.  For example:

  • Online Banking: There’s so much at stake if your banking credentials become compromised that it’s obvious to all but the hard of thinking that those credentials should never be used elsewhere.  In a previous post, I described how my bank allows me to be warned if I try to re-use internet banking credentials on another site, by providing me with a free copy of Trusteer Rapport.  This protection can be easily extended to other high risk sites.
  • Social Media: As I’ve described on these pages before, I use a wide range of social media applications (in the widest sense of the term) to maintain my contact list, collect and collate information and publicise this blog.  Each site requires a separate set of credentials, but increasingly I’m offered the chance to sign in to one application using the credentials from another (very often, either Twitter or Facebook).  This makes use of the Open Authentication (OAuth) protocol.  OAuth allows the user to authenticate with their chosen service to generate a token.  The token can then be used to allow another application to access resources for a given period of time.  So, for example, when configuring Tweetdeck, I authenticate in turn to Twitter, Facebook, LinkedIn and Google Buzz and authorise Tweetdeck to use the OAuth tokens to retrieve data from those applications until I revoke that access.

Single Sign On
This still leaves a wide range of different sites that require a login.  I use a wide range of Cloud Services, including Dropbox (of which, more in a moment), Windows Live Mesh, Mind Meister (for collaborating on mind maps), MobileNoter (for sharing and synchronising Microsoft OneNote) and of course, Google Docs.  These (or at least the data I entrust to them) are important enough to me to warrant good quality credentials and together they make a good case for Single Sign On.  With more than 10 years’ experience in Identity Management projects, I’ve always viewed SSO as primarily a user productivity tool, with some incidental security benefits.  However, I came across a story on Mashable, describing tools for managing web passwords and quickly realised that I could:

  • Store all my credentials in a single location;
  • Secure them with a single strong password, which never leaves my machine;
  • Synchronise that credential store across multiple computers by locating the credential store on Dropbox;
  • Use the same, synchronised solution on my iPhone.

So, armed with these requirements and the Mashable product reviews, I eventually settled on 1Password.  As well as a management app, which sits in the system tray, 1Password installs a plug-in for all the modern browsers (I’m using it with IE and Firefox) which detects when you’re completing a registration or login form and prompts you to save the credentials.  Next time you visit the site, just press the 1Password button to login.  Incidentally, the Mashable article mentions that 1Password is primarily a Mac product, with a Windows version in beta.  The Windows version is now in fact available as a paid-for GA product.
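
The second and third requirements in the list above fit together only if the file placed in the synced folder is ciphertext and the key is derived locally from the master password. The sketch below is an added example, not 1Password's file format or code: the function names, the JSON layout and the scrypt cost settings are assumptions, and the credentials are constructed sample data.

```javascript
// Added example: a password-encrypted credential store that is safe to sync.
const crypto = require('node:crypto');

// Assumed scrypt cost settings; raise N as far as your slowest device tolerates.
const KDF = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };
const b64 = (buf) => buf.toString('base64');
const raw = (str) => Buffer.from(str, 'base64');

// Returns the text of the vault file. Only this text goes into the synced folder.
function sealVault(entries, masterPassword) {
  const salt = crypto.randomBytes(16);   // fresh per save, stored in the clear
  const iv = crypto.randomBytes(12);     // never reused with the same key
  const key = crypto.scryptSync(masterPassword, salt, 32, KDF);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(JSON.stringify(entries), 'utf8'), cipher.final()]);
  return JSON.stringify({ salt: b64(salt), iv: b64(iv), tag: b64(cipher.getAuthTag()), body: b64(body) });
}

// Returns the entries, or null if the password is wrong or the file was altered.
function openVault(fileText, masterPassword) {
  const f = JSON.parse(fileText);
  const key = crypto.scryptSync(masterPassword, raw(f.salt), 32, KDF);
  try {
    const d = crypto.createDecipheriv('aes-256-gcm', key, raw(f.iv), { authTagLength: 16 });
    d.setAuthTag(raw(f.tag));
    const plain = Buffer.concat([d.update(raw(f.body)), d.final()]);
    return JSON.parse(plain.toString('utf8'));
  } catch (err) {
    return null; // GCM tag check failed
  }
}

// Constructed sample data, not real credentials.
const SAMPLE = [{ site: 'bank.example', user: 'alice', password: 'constructed-Value-1' }];

function demo() {
  const file = sealVault(SAMPLE, 'constructed master passphrase');
  const altered = JSON.parse(file);
  const bytes = raw(altered.body);
  bytes[0] ^= 1;                          // simulate a modified synced copy
  altered.body = b64(bytes);
  return {
    plaintextInFile: file.includes('constructed-Value-1'),
    opened: openVault(file, 'constructed master passphrase'),
    wrongPassword: openVault(file, 'wrong guess'),
    alteredFile: openVault(JSON.stringify(altered), 'constructed master passphrase'),
  };
}
console.log(demo());
```

Anyone who obtains the synced file can still guess passwords offline, so the strength of the master password and the cost of the key derivation are what protect the store.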

Summing Up

So, in conclusion, it’s possible to figure out a strategy to at least simplify sign on and credential management to a wide range of web sites and applications, each with differing needs for strength and protection.  By and large, the tools to do this are available for free and even the commercial components I chose are available for a very modest fee.  All in all, the benefits far outweigh the modest outlay of time and cash.

Send Back Pictures to OneNote

January 26, 2010 at 11:20 pm | Posted in Collaboration | 1 Comment

I’ve written before on how Microsoft’s OneNote 2007 makes the ideal repository for collecting and organising unstructured information from multiple sources.  To get the most out of this versatile application, you really need to be able to take the content of your note books on the road with you.  If, like me, you switch between a desktop in the office and a laptop for travelling, keeping the note books in sync is easily arranged by using a cloud service, like Live Mesh.  However, for short trips, or for meetings where it might not be appropriate (or practical) to use the laptop, what’s needed is to be able to sync the contents of those note books (complete with formatting) to your iPhone – and that facility is provided very simply and cost effectively, using MobileNoter.

One of the shortcomings of the first release of MobileNoter has been that the note books are not editable on the iPhone.  The MobileNoter developers assure me this is coming in a future release, but for now, you’re limited to creating text-only “Quick Notes”.  These are synchronised back to your PC, where they’re added to a special MobileNoter notebook in OneNote 2007.  From there, they can be simply dragged and dropped into any other note-book, in the same way as content in the “Unfiled Notes” note-book.

When I connected my iPhone today, to sync from the PC, I found that there was an update (v1.2) for the MobileNoter cloud edition app.  I downloaded and installed it and when I checked, there was also an update for the desktop sync client on the PC.  With both components safely updated, I took a look at the MobileNoter developers’ blog, but thus far, there’s no news on the new release.  So, what follows are my first thoughts after experimenting …

I wrote recently that MobileNoter were planning a new release for the first half of February.  It seems that this is that new release, several weeks ahead of schedule.  The major new feature appears when you create a new Quick Note on the iPhone.  After entering your text note and tapping “Done”, the Quick Note displays 4 icons at the bottom, each of which can be used either to attach a picture stored on the iPhone camera roll or to take a picture with the camera and attach it to the Quick Note immediately.  Once the Quick Note is synchronised back to the PC, the pictures are displayed in the body of the OneNote page.

I also use the DocScanner app on my iPhone to capture hardcopy documents (particularly whiteboard and flip chart contents, after meetings and workshops).  The beauty of this app is its ability to accurately detect the borders of a document and to deskew the image to allow for camera angle.  The app allows you to email the resulting picture as either a JPEG or PDF document.  Significantly, you can also save the document to the camera roll and hence attach it to a Quick Note.

The MobileNoter team introduced a search function to v1.0 of the iPhone app, but it’s not obvious how to access it.  This has been dramatically improved in this latest release, with a search icon appearing on the bottom of the screen.  The operation of the search function can now be configured through the “Search Settings” button.  This allows you to limit which notebooks are included in the search.

You should bear in mind that these useful new features are only included in the Cloud Edition of MobileNoter.  The developers plan to add them to the Wi-fi Edition in a future release.  It’s possible that this will coincide with the release of a unified (cloud and wi-fi) app for the iPhone.

So, no doubt in due course,  more information will appear on the MobileNoter developers’ blog about this release.  I thought it might be interesting to describe my first reaction – and I have to say, the new features make an invaluable tool even more productive.

Update (27 January):  You’ll now find official details of the new features in v1.2 at the MobileNoter developers’ blog here.

OneNote in the Cloud

September 28, 2009 at 11:39 pm | Posted in Collaboration, Research | 13 Comments

In my very first blog, I described how I was building an information management architecture around Microsoft’s OneNote 2007.  As I’ve settled into my new life as an independent consultant, I’ve stumbled across the first difficulty in the strategy I set for myself.  I now have a laptop to take on the road with me and it would be useful to keep the OneNote notebook on there synchronised with the “master” copy on the desktop PC in my home office.  It’s not as bad as it might seem – while there are two copies of the resources on two separate machines, there’s only one user (me) using only one of the machines at any one time.  Of course, I can just copy the relevant folders to the laptop before I set off and then copy them back when I return.  Seems simple enough – I may even remember to do it most of the time.

The interesting thing about Microsoft OneNote is that it seems to evoke something approaching fervour in its users.  I found a website dedicated to harnessing the existing enthusiasm for this product and raising awareness for its many uses.  Incidentally, you can keep tabs on what’s new on this site by following its fictional hero Marcus on Twitter.  It was through a tweet from Marcus that I came across a blog entry from futurist Dan Rasmus, describing how he manages his work life across multiple computers.  Dan’s blog introduced me to the idea of using cloud storage to solve my sync problems, which are essentially the same as his.

So, this led me to investigate and then to sign up for the beta version of Live Mesh, Microsoft’s cloud service, built on the Azure services platform.  For the techies, there’s a decent description of how it all fits together in Wikipedia, but in simple terms, you get 5GB of storage in the cloud, which can be shared between multiple users and synchronised across multiple machines.  As Dan rightly points out, this isn’t real multi-user collaboration.  For that, you’d be better served using the multi-user synchronisation capabilities built into OneNote.  However, it does fit my nomadic style of working very well.  I trialled it by using OneNote on my laptop to compose an earlier entry on this blog during a train trip into London.  On arrival, I used the free wi-fi service at a coffee shop to sync my work back to my office PC and it was ready for final edit and publishing to WordPress when I got home that evening.

No doubt the time will come when I need to give access to OneNote folders to other people.  This is no problem to Live Mesh.  You can invite another user to share the folder – just open the folder on the Live Desktop and use the “Members” option from the mesh bar to email the person you’re inviting.  You get to choose whether they get rights as owner, contributor or just reader.  Simple.  The invitee can then synchronise the shared folder across all the devices in their Live Mesh, and they can invite other people in the same manner.

Of course, this is the point where you’d have to use  OneNote’s multi-user synchronisation capabilities, something I haven’t had the need (or the time) to try out yet.

OneNote in your Pocket

When I’m out and about, I don’t always need to take my laptop with me.  Oftentimes, my iPhone has most of what I’ll need – diary, contacts, email, even free phone calls over Skype.  By the way, have you noticed how often now people will respond to a question by saying “There’s an app for that!” and looking hugely pleased with themselves?  I mentioned in a previous blog that MobileNoter has developed an iPhone client for OneNote.  Their app has been in closed beta since late August, but a few days ago, the beta was thrown open to all comers.  I was quick to take advantage of the offer, downloading the iPhone app and also the Windows sync client.  I won’t repeat my earlier description of what this app can do, but I will say that it does it all perfectly.  There was a glitch with the Windows sync client, when I first downloaded.  I logged a support issue and got a reply the next day to say that a new version of the client, fixing the bug, was ready for download.  How’s that for service? (I’d love to show you how the OneNote pages are displayed on the iPhone, with the formatting, graphics and links all intact.  If anyone knows how to take a screen shot on the iPhone, I’d love to hear from you!)

Next Step – Mind Maps in the Cloud

I’m working at the moment with some people in Dubai, developing the early stages of some service offerings.  Our chosen format for this work is mind maps.  Now, mind mapping is a technique I learned many years ago (on paper, using coloured pens – yes, really!).  More recently, I’ve had great service from the very capable Freemind.  Inevitably, I want to be able to work with mind maps while travelling, so I’ve just downloaded Mindmeister for my iPhone.  This is part of the web-based Mindmeister service and in theory allows any of us to create a mind map in Freemind (for example) and then share it through the web service with the other collaborators.   I’ll let you know how we get on in practice.

OneNote to go …

September 1, 2009 at 12:55 pm | Posted in Research | 3 Comments

In my very first blog post, I described how Microsoft OneNote 2007 forms the heart of my information management architecture.  In that post, I mentioned that an iPhone app is in development.  Well, this app is now in beta and you can register for more information at the MobileNoter web site.  It looks like the first version of the app will be released at the end of September (not long to wait then).  Using this app, you will be able to:

  • Take notes on the fly. The first version of the application supports simple text-only notes, called Quick Notes. Support for pictures, audio recordings, outlining support and inking will be in further versions later this year.
  • Easily synchronize with Microsoft OneNote. It is possible to synchronize Quick Notes back and forth with Microsoft OneNote. Quick Notes from your iPhone will appear in a special chapter of the OneNote Notebook that is automatically created.
  • Access your Microsoft OneNote notebooks on your iPhone. Select which OneNote notebooks to take with you on your iPhone and synchronize. The selected notebooks will be read-only (for now), but with layout and formatting support.

The whole solution consists of 3 parts:

  • A web-based sync service, hosted by MobileNoter on their web site
  • A small footprint desktop sync application, which syncs changes with the web-based service in near-real time
  • The iPhone app, which manually syncs changes with the web-based service.

MobileNoter plan to add a direct wifi-based sync option in a later release.  They’re also looking at syncing with cloud-based storage as this becomes more popular (I’m currently experimenting with syncing between my desktop and laptop copies of OneNote through Live Mesh, but more of that in a later post).  This latter option is in the very early stages of discussion.

MobileNoter maintain a blog to keep you up-to-date with progress on the beta programme, but you can also find a good account from one of the beta testers (no, sadly I didn’t get invited) here, including some screen shots from the iPhone app.

More on this, as and when I get my hands on the app!
