Users Seek Online Security, Shirk Cumbersome Passwords

by Scarlet Pruitt

February 12, 2002 —

Security and ease are still the name of the game when it comes to
online shopping, according to Jupiter Media Metrix Inc. Reports
released this week by Jupiter state that, while many users want
increased authentication measures, they also want fewer cumbersome
passwords.

While the number of Internet users surveyed by Jupiter who were willing
to register personal information with a Web site increased from 26
percent in 1999 to 47 percent in 2001, a majority of users still seek
added security. According to the research, 80 percent of Internet
consumers want enhanced online authentication measures, such as four-
digit personal identification numbers like those used at bank teller
machines. In fact, 49 percent of those surveyed said that they would be
willing to type in a four-digit number when making an online purchase.
Furthermore, an additional 32 percent are willing to enter a password
created by their credit card company, Jupiter said.

These added security measures do not mean that users want to complicate
their online shopping experience, though. Jupiter reported that 42
percent of the Internet consumers were annoyed at having to type in
different logins and passwords to access different sites. Some 22
percent of online consumers between the ages of 18 and 24 wanted a
simplified login process, while 42 percent of respondents age 55 and
wanted the same, Jupiter reported.

The researcher noted that catering to the needs of these older
consumers will be an important strategy for sites, as these older users
are expected to be the fast-growing online group over the next five
years.

Password reminders are one way to make things easier for users, Jupiter
suggested, adding that only 35 percent of the online businesses it
surveyed allow users to create password reminders to assist them in
remembering their log-ins.

While Jupiter did not put forth an answer to the problem of multiple
passwords and log-ins, a handful of companies have already begun
working on the issue. Microsoft Corp.'s Passport authentication service
is one of the more notable attempts to solve the problem of multiple
passwords. Passport allows users to access a variety of sites with a
single login. The service has come under some fire, however, by critics
who fear that the software mammoth will use Passport as a means to
collect personal information. Microsoft vehemently denies these
allegations, saying that Passport was only created as a consumer
service.

It remains to be seen if any effort to streamline Internet
authentication comes under the same scrutiny by those who fear too much
information winding up in one set of hands.

Next Week: Brian Hatch, co-author of Hacking Linux Exposed: Network
Security Secrets and Solutions, takes the helm and shares
his valuable experience and insights.

ITworld