Give Me Unified Login or Give Me Death!

A question came across the ASAE Technology Section list this week about how to manage multiple logins for a variety of web-based services offered to members of an association. I chose to deliver a bit of a rant rather than a direct answer. I’ve posted my note below:

I think the time has come where any serious vendor in the association market should support authentication from another system for their product and associations should begin to demand it.

As others have posted, this level of integration is relatively easy to achieve via web services. Sure, each association/system will have its quirks that may require some tweaking but the basics are well defined.

Hostile user/login management systems immediately cripple your ability to create member value on the web. We, as an industry, shouldn’t tolerate it any longer.

I think that people these days are willing to create a new login for organizations/companies that they interact with and receive value from. One login. Unless the value you provide is incredibly high, most will not be happy to create multiple logins for just you and many will not bother. Vendors take note: you’ll be at an increasingly greater competitive disadvantage the longer you fail to support external authentication mechanisms in your services and products.

Comments

Fred
An example of a site with multiple logins??

December 21st, 2005 at 6:49 pm
David
ASAE and it’s career center is one example. The situation comes about most commonly when an association adds a third party, hosted, system to the mix of offerings on their site.

December 21st, 2005 at 7:28 pm
Fred
Well, let’s say they use iMIS. Business objects cost $10k, upgrading to the e-suite is $50k. Ok, so you get your in-house developer to connect your third party app to the iMIS database. Wrong. That voids your iMIS warranty.

December 21st, 2005 at 7:52 pm
David
AMS is certainly one piece of the problem. Basically, everyone needs to work on supporting either providing authentication services to other systems or tying in an external auth service.

December 21st, 2005 at 8:58 pm
Kevin Holland
Then don’t buy iMis, or any other AMS that isn’t willing to play in this game. David’s absolutely right. A big problem is that many associations have invested huge dollars (in almost all cases, more than they should have) in systems that are proprietary and singular in their approach. Setting standards like the ASDC is doing is a step in the right direction (though I fail to see how the business models of the “big” AMS providers would allow them to really embrace it), but what we really need is a good open source AMS. Imagine a modular AMS app built in MySQL or one of the other os dbs that can then be customized for individual organizations by any number of external or internal consultants. I’ll keep dreaming….

December 22nd, 2005 at 1:42 pm
C. David Gammel, High Context Consulting » Blog Archive » Quoted in The Washington Post: Access Denied
[…] The article is a good lesson for site developers to keep in mind: the plethora of usernames and passwords that people have to manage these days is a real burden and a barrier to using sites in many cases. You have to balance your security measures with the sensitivity of the data you are storing and the value of your service to your customers. It is also critical to unify your own login system so that ONE username/password pair can be used to access all services related to your company. […]

September 25th, 2006 at 10:36 am
Integrating Third Party Web Sites: Don’t Forget the Template! | C. David Gammel, High Context Consulting: Unleashing the strategic potential of the Web.
[…] A common issue I come across in my work is the effective integration of third party services with the overall web presenece for an organization. And I don’t just mean the login system, although that’s been a hobby horse of mine for some time. […]

July 18th, 2007 at 4:31 am