As of yesterday afternoon, AOL has implemented Vidoop’s visual authentication system as part of its OpenID initiative, which was formally launched in February 2007.
Vidoop, a startup that replaces usernames and passwords with image grids, partnered with AOL to provide its OpenID users with an extra layer of security. This delivers Vidoop a potential user base of about 100 million users.
Unfortunately, AOL is still just an issuer of OpenID accounts - not a relying party. So users can’t actually use the same Vidoop-protected OpenID accounts that AOL has given them to actually sign into AOL services. AOL and other big internet players have yet to step up and become relying parties, a move that will be necessary to push OpenID into the mainstream.
Vidoop offers an alternative to the traditional username/password login system by displaying images in a grid with associated letters. Upon initial registration, users define 3-5 image categories (cars, dogs, flowers, houses, etc). When they sign into a site, a variety of images appear in a randomly-generated grid, and users enter the corresponding letters to their pre-defined categories. Because this visual system requires a higher level of intelligence, it’s harder to steal someone’s login information and use it to access all OpenID-enabled sites with it.
The implementation of authentication security can be cost-prohibitive, but Vidoop actually tries to help its partners make money. Advertisements are randomly dispersed throughout the image grid, and revenue from them is split in two ways.
Vidoop has also partnered with Charles Schwab Retirement and hopes more financial organizations will follow suit. Clickpass, a popular OpenID initiative covered here, partnered with Vidoop this past March. The startup brought Scott Kveton, the Chairman of the OpenID foundation, onboard in February.
See all
Post
Vidoop is taking openID back 10 steps, the process is about 3 times harder than it should be. Every time i have to “authorize my computer”, no matter what it will not remember my computer. This means sending emails, verifying, everytime.single.time.
The use of images makes things even more difficult than a standard password. Perhaps it will be a better match for the “AOL demographic” then power users.
Btw, YHOO closed almost at $24 while MSFT went down to $25
Hellooooooo!
Any more FUD to spread?
This is going to be great for AOL’s bottom line. AOL gets paid 1/100th of a cent for every single person who uses this system to log in. They could easily get a million people to use this every single day, and like the last article said, they’d earn $3000/mo. That’s nearly double their annual revenue!
I can’t remember my Vidoop images. True story.
Calley Nye - who are you and why should i (or anyone else) be interested in what you have to say?
what is your background. what are your qualifications. please advise. tks.
-=)
I am glad that I am not an AOL member. If you really want to try something easier and more secure, please check out https://mashedlife.com/. It works on my new 3G iPhone too!!! Btw, we plan to integrate this single sign-on feature (we call it “loginmark”) in our next HHOTT View toolbar release. It should allow you to make a quick “loginmark” selection to log onto any of your accounts.
Oh and by the way..just under the Vidoop option is the token option from Verisign. In addition to using the token with AOL, users can use the same token with Paypal. ebay, VeriSign’s OpenID provider at pip.verisignlabs.com as well as other relying parties which are part of the VeriSign “VIP network”.
Interested folks can check out Paypal’s description here: https://www.paypal.com/us/cgi-bin/webscr?cmd=xpt/cps/securitycenter/general/PPSecurityKey-outside
The Verisign solution costs the user money . And you have to carry a seperate key fob.
I don’t want to pay for security. I don’t want to carry anything else in my pockets other than my mobile.
I dig the business model.
Thanks for the post Calley (http://friendfeed.com/siliconcalley). Vidoop is all about making OpenID easy to use and for anyone having issues with any of our services please let us know here:
http://getsatisfaction.com/vidoop
We are working on our affiliates program http://affiliates.vidoop.com among other things to make them simpler and more rewarding. Besides OpenID we also offer a password manager for storing/organizing your traditional logins and passwords: http://twurl.cc/2no
Our end goal is for people to feel comfortable using their myVidoop OpenID for high value transactions, and we just got a new video up explaining how that is all possible: http://www.vidoop.com/vidoop_how.php
Just a minor correction. Vidoop is in the process of moving its base of operations from Tulsa, Oklahoma, to Portland, Oregon. It is not based in Seattle.
Vidoop’s headquarters are now in Portland, Oregon as of sometime this past spring I believe (June or so?). Crunchbase is out of date!
Check out Silicon Florist by Rick Turoczy for more info (http://siliconflorist.com).
Nice catch Rick! You beat me to it. This dial-up at O’Dell Lake is killing me!
This deal is “over” for Vidoop - they’ve gotten the publicity. That’s it. Vidoop should assume that they will get very few users from AOL - 10k if they’re lucky.
Notice that they’re listed as one of many optional additions to your AOL account. AOL has no real commitment to push them. I’ve seen the numbers from these types of deals with AOL and the company that partnered with AOL is ALWAYS disappointed.
I will be surprised if many of the AOL members will go thru the torture of:
1. setting up the browser with a verification code
2. viewing all picture ads
3. passing the picture/category recognition test
4. finding numbers with the recognized pictures
5. typing the numbers correctly
Now you can decide how this compares with other login methods.
You do have a point that myVidoop is more complicated to use than a simple login/password, though you exaggerate the complexity of our system a little bit. In the end its all about compromise, the alarm on my house adds a level of complication I wouldn’t have otherwise, but I want it there because it helps protect all my action figures.
While you may not have anything incredibly important stored online now, you very likely will. As you are asked to store more important information online (health records, etc.) don’t you want something stronger than a login and password to protect it all? OpenID is the starting point, but most OpenID providers still just let you have a password. Kudos to AOL for offering multiple options that people can use for free to help truly secure their data online, such as the Vidoop ImageShield.
As noted earlier we are always eager to hear feedback on how our service can be improved.
I’m not buying into this OpenID anymore. Until the big four start using symmetric OpenIDs, we are not going anywhere. If they are going to keep issuing-only, what’s the point?
I think this project is bound to fail, if many other sites implement Vidoop then how many pictures I need to remember?!
It is shocking AOL uses the blatant way to sell graphic ads under the excuse to make you more secure.
For simple, reliable and secure authentication, I just bought a Yubikey and I think that’s the true innovation that solves the problem elegantly.