It is great to see that the Windows Live ID service went live with the “linked identities” feature recently. (Full disclosure: this blogger worked on the security review for the design.) Linked IDs were introduced to deal with the problem of juggling multiple identities. It’s well known that due to the lack of interoperability between web service providers, users end up registering for multiple accounts: one for Google, one for Yahoo, one for MSN/Windows Live, etc. This is a necessity because services available to one ID, such as instant messaging a particular group of friends, are not available to others. Recent steps towards limited interoperability are encouraging and may decrease the need for that proliferation in the long term.
But less frequently acknowledged is the notion of personas, where users create multiple identities with the same Internet service provider. In this case the issue is not missing functionality or fragmented networks, but the desire to maintain separation between aspects of one’s online activities. firstname.lastname@example.org may have exactly the same capabilities as email@example.com but the user in this case presumably made a conscious decision to keep them distinct. Perhaps they may even want to discourage contacts from discovering the correlation between the two. Less contrived examples are keeping different accounts for personal and work use, or interacting with casual acquaintances versus expressing an alter-ego in the presence of good friends.
The challenge for these users is managing the multiple accounts. Typically, web authentication systems assume that only a single identity can be expressed at a time. This is often mistakenly ascribed to a limitation of web browsers, namely the existence of a single global “cookie jar” where the cookies that correspond to authentication state are kept. That is not true, as evidenced by the linking feature and, for that matter, by Google being able to sustain both an enterprise ID and a user ID at the same time. The single-identity assumption leaves the user constantly logging in and out of accounts in order to manage both. Aside from being frustrating, this breaks convenience features built into the authentication system, which generally assumes a single account. For example, the various implementations of “keep me signed-in” / “remember me” work for only one account. Logging out of that account and signing in with another clears the saved credential. (Actually it is more complicated: technically the passwords can be remembered by client-side extensions, including the web browser, and these are generally capable of remembering multiple credentials. Smart clients are not limited to the one-user rule, and even for web scenarios there is an exception with Windows Live ID login for Internet Explorer when the helper ActiveX control and BHO are installed.)
Linked identities provide an effective solution to this problem. The user proves ownership of both identities by entering the password for both on the same Account page. This creates a permanent association between the two identities. From that point on, when the user is logged in as one account, they can quickly switch to the other by using a menu in the upper-right corner of the shared banner that appears across the top of most Live services. No logout, no additional credential prompts. The linking operation is symmetric, more than one account can be linked, and the links can be revoked by the user at any time in the future. The feature can be experienced first-hand at the Hotmail website by all existing users. Congratulations to the team on this milestone.
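The linking rules described above can be modelled in a few lines. This is an added sketch, not Windows Live ID code: the `LinkedAccounts` class, its method names and the sample accounts are hypothetical, and it assumes links are pairwise (linking A to B and B to C does not let A switch to C), which the post does not specify.

```python
import hashlib
import hmac
import os

def _kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class LinkedAccounts:
    """Hypothetical in-memory model of account linking (not the Live ID code)."""
    def __init__(self):
        self._creds = {}     # account -> (salt, password hash)
        self._links = set()  # unordered pairs: symmetric, not transitive (assumption)

    def register(self, account, password):
        salt = os.urandom(16)
        self._creds[account] = (salt, _kdf(password, salt))

    def _verify(self, account, password):
        salt, expected = self._creds.get(account, (b"\0" * 16, b""))
        return hmac.compare_digest(_kdf(password, salt), expected)

    def link(self, a, password_a, b, password_b):
        # Ownership of BOTH accounts must be proven in the same request.
        proofs = [self._verify(a, password_a), self._verify(b, password_b)]
        if a == b or not all(proofs):
            return False
        self._links.add(frozenset((a, b)))
        return True

    def can_switch(self, current, target):
        return frozenset((current, target)) in self._links

    def switch(self, current, target):
        # Caller is assumed to hold an authenticated session for `current`.
        if not self.can_switch(current, target):
            raise PermissionError(f"{current} is not linked to {target}")
        return target  # new active identity, no password prompt

    def revoke(self, owner, other):
        self._links.discard(frozenset((owner, other)))

def demo():
    # Constructed sample accounts and passwords.
    store = LinkedAccounts()
    for name in ("work", "home", "alter"):
        store.register(name, f"pw-{name}")
    store.link("work", "pw-work", "home", "pw-home")
    store.link("home", "pw-home", "alter", "pw-alter")
    return store
```

Because a link is stored as an unordered pair, revoking it from either account removes the switch in both directions, and a failed password on either side creates no link at all.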