Matthew@MSN

/me ranting about technology, MSN and stuff

Microsoft Passport Network 3.0 coming soon... [rev1]

Some of you may have noticed some new Passport logos Sign in with your Microsoft Passport Sign out of Microsoft Passport sites last night.  Hopefully that means Microsoft Passport Network 3.0 will be launching shortly.  Passport will loose the .NET name and focus on being used for mainly Microsoft sites.  eBay and others have already removed Passport support from their sites.  Although Passport was initially developed as a single sign-in service for the revolutionary web services market, Microsoft soon scaled it back as the Hailstorm initiative failed.  Although this doesn't mean that Microsoft isn't committed to web services.

The new Microsoft Passport Network will be much more user friendly, making it easier to manage the information stored in a user's account.  MSN Account Services site will be focused on providing an easy gateway to all that information, including marketing preferences, your children's accounts, account credentials, privacy and security.

The upgrade appears to be in progress now, but here's a little sneak peak of the new features and UI [sorry, you have to scroll down when opening the image].

Update [2005/04/27 16:58 -6]Mess.be has also reported on the new Passport, although they're mistaken on a number of points.

>View "Create a security key" (for strong-credential sign-in).

Security key was discontinued back in the beginning of March and is expected to be redesigned.  However, the security key may have been removed for security reasons as Passport 2.5 is upgraded to 3.0.  That is to say, that upgrading secure information could in itself be a security risk and the information was deleted to prevent that - part of Microsoft's increase security awareness.  Security key is used as additional protection against extremely private information, such as bank statements stored in MSN Money, so most people will not need to set up this service.

>View "Add or change your Mobile credentials" (probably linked to MSN Messenger 7's Offline/Mobile Messaging feature).

Mobile credentials is nothing new and will not be tied with Mobile Messaging, which will still need to be done at the MSN Mobile site.  Adding a phone number and PIN to your Passport allows you to easily sign in to Passport on mobile devices.  You can also sign in to Passport on a computer with this phone number and PIN if you add @passport.com to the end of the phone number.

And finally the unoffiical MSN Messenger enthusiasts site Messenger Blog is giving a link to one test bed although I would highly recommend that you don't go playing around with it.  It's possible to harvest any information in a number of test beds since security is generally not enabled when debugging.  Soon enough we'll all be able to play with it.

/update

@Matthew

Posted: Apr 27 2005, 04:16 AM by matthewsoft | with 18 comment(s)
Filed under: ,

Comments

TrackBack said:

<p>&lt;ul&gt;&lt;li&gt;&lt;a href=&quot;http://www.netacademia.net/blogspace/soci/archives/002985.html&quot; target=&quot;_blank&quot;&gt;sp_MSforeachtable&lt;/a&gt;&lt;/li&gt;&lt;li&gt;&lt;a href=&quot;http://spaces.msn.com/members/netjack/Blog/cns!1pKgU
# April 28, 2005 8:34 AM

matthewsoft said:

I do not like the new verification. Takes me 3-4 times to get it correct due to illegibility of them. One of my friends would have given up if I did not do it for her and she would have not been able to join our MSN Group. There are going to be alot of upset people. People do not realize that all letters must be caps and some you cannot tell if it is a squiggly line or a letter/number and you have stare at it for a bit.
# April 29, 2005 7:46 AM

matthewsoft said:

Hi Eric,

Human Interactive Proof [HIP] or Captcha test [Completely Automated Public Test to tell Humans and Computers Apart] is an important part of the fight against SPAM, this being for fighting bots that create free accounts to send SPAM. Microsoft has made the system more robust and thus unfortunately more difficult. The new system will include a way to get a new image and make it easier to see the audio option. Hopefully both features will make it easier for us, but still enough to stop the bots. Recently HIP has started to intervene when a user is sending quite a lot of mail, particularly in a short amount of time, this being designed to slow down scripts for bots that already have accounts.

MSN certainly appreciates feedback, so please feel free to send them a quick note about the problems with HIP at https://register.passport.net/contactus.srf and/or http://support.msn.com/feedback.aspx?productkey=signup.

For more information about HIP, please see these interesting articles: http://news.com.com/Microsoft+attacks+spam+at+source/2100-1032_3-1019455.html http://news.com.com/Porn+gets+spammers+past+Hotmail%2C+Yahoo+barriers/2100-1023_3-5207290.html.

@Matthew
# April 29, 2005 9:54 PM

matthewsoft said:

One thing I forgot to mention, eBay removed the service on January 24, 2005 and Monster.com October 22, 2004 [probably because MSN Careers moved to partner with Careerbuilder.com instead].

@Matthew
# April 29, 2005 10:19 PM

matthewsoft said:

The original CAPTCHA test is much easier than Microsoft's verification, which would take 3-4 times to get right, and it did have (scary) audio. Let's hope that the new tset comes in quickly. The verification on this page is fairly easy to read.

Fixed mess.be mews link: http://rotem.siterush.com/framer/?q=http://www.mess.be/inews.shtml#newsitemEEEuyEVAuApBQSIXkT
# April 30, 2005 6:47 AM

TrackBack said:

# May 11, 2005 1:28 AM

matthewsoft said:

Ok today 11/05/2005 was the release i can sign in every passport page with my account, but from messenger 7.0.0813 the latest one oficial on the web . I cannot sign in my net passport , inside msn today, spaces or my hotmail account through the messenger. error " invalid e-mail or password"

Ed.
# May 11, 2005 7:08 PM

matthewsoft said:

Ok it took me a day to find it, but is so simple , since yesterday the Microsoft passport Network came through, a lot of people can't sign in through messenger to their hotmail accounts or their friends spaces , well in the messenger tools in options, in the security tab , I have to uncheck the "ask me for a password everytime you open Hotmail or pages by Microsoft passport"
and with that the problem was solved , but I am asking why I have to uncheck that security to make things function?
I thought that the new Microsoft Passport Network will have a lot of security but not that much that someone have to turn it off to access or sign in

Ed.
# May 12, 2005 6:07 PM

matthewsoft said:

Hey Ed, thanks for adding your comments. MSN is aware of the issue and it will hopefully be resolved soon.

@Matthew
# May 13, 2005 1:41 AM

matthewsoft said:

I commend that Passport 3.0 is better than the older version. However I am still perplexed that Passport is slower and unnecessarily more complex than Yahoo's universal sign-in network. Switching to different MSN Services (e.g. Hotmail, Spaces, Music, My MSN) and even signing-out takes a lot more time than with Yahoo Services (e.g. Mail, 360, Launch, My Yahoo). MSN and Yahoo are by far the world's largest portals, however I feel that Yahoo has always had the more consistent, easier, and faster to use sign-in system across the board.

I believe the two portals are similar, though Yahoo has more services to manage. Yahoo's user account management, mobile communication management, and security factors are on par with Passport. It even adopts HIP/Captcha sophistication.

So it is of curiosity why Yahoo, from early on last decade, had the 'better' sign-in system? And now that Passport 3.0 won't involve itself too much with aggressive .Net expansion - it still is slower to sign-out!
# May 15, 2005 12:15 PM

matthewsoft said:

Hi Sam,

Although I'm not an expert in the Yahoo! sign-in process, it appears to not be nearly as complex as Microsoft Passport. Passport is a single sign-in system, but it only handles all the permissions for your account, when it comes down to it, it relies on the other Passport sites to handle sign-in and sign-out. Basically, Passport allows other sites to access your data, but it's the responsibility of those sites to respond quickly to that data. That's why there are potential problems with signing out of certain services - if those services don't respond then you're not signed out from Passport's perspective. However, that all revolves around the server, so you can still sign-in as a different user even if Passport doesn't receive confirmation that you're signed out. Eventually your session with that service will time-out anyway.

Microsoft Passport is very different from Yahoo! since there are no outside properties that use Yahoo! sign-in. Although Passport is becoming more like Yahoo! and the majority of sites using Passport will in fact be Passport, Microsoft appears to be using the same system Passport has been using since its birth.

I hope I didn't just confused you even more, but there's your answer. Yahoo! can control all aspects of their sign-in since it doesn't pass credentials to outside services, meanwhile Passport will if you so choose to sign in to a Microsoft Passport site. I must say I'm surprised that there is so much interest in Passport; I thought this blog post would be boring.

@Matthew
# May 15, 2005 3:22 PM

matthewsoft said:

quiero saber la contraseña de mi correo
# May 17, 2005 11:16 PM

TrackBack said:

^_~,pretty good!csharpsseeoo
# May 19, 2005 10:19 AM

matthewsoft said:

é claro que gostei...
# May 19, 2005 11:38 AM

matthewsoft said:

I have been unable to access my Hotmail account ever since the 3.0 upgrade more than a week ago. Somehow, Passport suddenly thinks I'm "under 13 years old" inspite of the fact that I've had an account for 10 years and I'm in my 50's. I can't believe that Microsoft wanted me to give them my credit card number to "prove" my identity. Aren't they at all sensitive to identity theft problems? After five frustrating days of no response from customer service, someone finally contacted me and suggested that I fax a copy of my drivers license which I did immediately, against my better judgement, and still I can't access my account. I'm disgusted with Microsoft.
# May 23, 2005 5:20 PM

matthewsoft said:

Hello Linda,

I'm sorry that you've had so many problems with the Passport 3.0 upgrade. I can't imagine why Passport would think you were under 13 unless the wrong birth date was selected in your profile. Because of the COPPA law, MSN and other web sites have to comply with strict privacy rules for children under 13, which can only be identified by the birth date in your profile. For more information, see http://family.msn.com/onlinesafetyguide/article.aspx?name=onlinesafetyguide_article6, http://www.coppa.org/ and http://truste.org/businesses/childrens_privacy_seal.php. Please contact Microsoft Product Support Services again and ask them to check the status of your CST ticket number. If you would like, I can try to escalate the issue if you contact me via http://msmvps.com/matthewsoft/contact.aspx.

Kind regards,
@Matthew
# May 24, 2005 10:04 AM

TrackBack said:

Microsoft Passport Network 3.0 coming soon... [rev1]ooeess
# July 22, 2005 8:33 AM

TrackBack said:

Microsoft Passport Network 3.0 coming soon... [rev1]ooeess
# August 2, 2005 8:21 PM
Leave a Comment

(required) 

(required) 

(optional)

(required)