Registered user

Last updated

A registered user is a user of a website, program, or other system who has previously registered. Registered users normally provide some sort of credentials (such as a username or e-mail address, and a password) to the system in order to prove their identity: this is known as logging in. Systems intended for use by the general public often allow any user to register simply by selecting a register or sign up function and providing these credentials for the first time. Registered users may be granted privileges beyond those granted to unregistered users.

Contents

Rationale

User registration and login enables a system to personalize itself. For example, a website might display a welcome banner with the user's name and change its appearance or behavior according to preferences indicated by the user. The system may also allow a logged-in user to send and receive messages, and to view and modify personal files or other information.

Criticism

Privacy concerns

Registration necessarily provides more personal information to a system than it would otherwise have. Even if the credentials used are otherwise meaningless, the system can distinguish a logged-in user from other users and might use this property to store a history of users' actions or activity, possibly without their knowledge or consent. While many systems have privacy policies, depending on the nature of the system, a user might not have any way of knowing for certain exactly what information is stored, how it is used, and with whom, if anyone, it is shared. A system could even sell information it has gathered on its users to third parties for advertising or other purposes[ citation needed ]. The subject of systems' transparency in this regard is one of ongoing debate[ citation needed ].

User inconvenience

Registration may be seen as an annoyance or hindrance, [1] especially if it is not inherently necessary or important (for example, in the context of a search engine) or if the system repeatedly prompts users to register. A system's registration process might also be time-consuming or require that the user provide the information they might be reluctant to, such as a home address or social security number.

See also

Related Research Articles

Dynamic DNS (DDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.

Remote Authentication Dial-In User Service (RADIUS) is a networking protocol, operating on ports 1812 and 1813, that provides centralized authentication, authorization, and accounting (AAA) management for users who connect and use a network service. RADIUS was developed by Livingston Enterprises in 1991 as an access server authentication and accounting protocol. It was later brought into the IETF standards.

Internet forum Online discussion site

An Internet forum, or message board, is an online discussion site where people can hold conversations in the form of posted messages. They differ from chat rooms in that messages are often longer than one line of text, and are at least temporarily archived. Also, depending on the access level of a user or the forum set-up, a posted message might need to be approved by a moderator before it becomes publicly visible.

Captive portal Web page displayed to new users of a network

A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a Wi-Fi or wired network before they are granted broader access to network resources. Captive portals are commonly used to present a landing or log-in page which may require authentication, payment, acceptance of an end-user license agreement, acceptable use policy, survey completion, or other valid credentials that both the host and user agree to adhere by. Captive portals are used for a broad range of mobile and pedestrian broadband services – including cable and commercially provided Wi-Fi and home hotspots. A captive portal can also be used to provide access to enterprise or residential wired networks, such as apartment houses, hotel rooms, and business centers.

Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent, software systems.

Java Authentication and Authorization Service, or JAAS, pronounced "Jazz", is the Java implementation of the standard Pluggable Authentication Module (PAM) information security framework. JAAS was introduced as an extension library to the Java Platform, Standard Edition 1.3 and was integrated in version 1.4.

A one-time password (OTP), also known as a one-time PIN or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two-factor authentication by ensuring that the one-time password requires access to something a person has as well as something a person knows.

Logical Security consists of software safeguards for an organisation’s systems, including user identification and password access, authenticating, access rights and authority levels. These measures are to ensure that only authorized users are able to perform actions or access information in a network or a workstation. It is a subset of computer security.

OpenID Open and decentralized authentication protocol standard

OpenID is an open standard and decentralized authentication protocol. Promoted by the non-profit OpenID Foundation, it allows users to be authenticated by co-operating sites using a third-party service, eliminating the need for webmasters to provide their own ad hoc login systems, and allowing users to log into multiple unrelated websites without having to have a separate identity and password for each. Users create accounts by selecting an OpenID identity provider and then use those accounts to sign onto any website that accepts OpenID authentication. Several large organizations either issue or accept OpenIDs on their websites, according to the OpenID Foundation.

Email privacy is a broad topic dealing with issues of unauthorized access to, and inspection of, electronic mail, or unauthorized tracking when a user reads an email. This unauthorized access can happen while an email is in transit, as well as when it is stored on email servers or on a user's computer, or when the user reads the message. In countries with a constitutional guarantee of the secrecy of correspondence, whether email can be equated with letters—therefore having legal protection from all forms of eavesdropping—is disputed because of the very nature of email. As more communication occurs via email, as compared to postal mail, this is considered to be an important debate.

A password manager is a computer program that allows users to store, generate, and manage their passwords for local applications and online services.

Password fatigue is the feeling experienced by many people who are required to remember an excessive number of passwords as part of their daily routine, such as to logon to a computer at work, undo a bicycle lock or conduct banking from an automated teller machine (ATM). The concept is also known as password chaos or more broadly as identity chaos.

Login Process by which an individual gains access to a computer system

In computer security, logging in is the process by which an individual gains access to a computer system by identifying and authenticating themselves. The user credentials are typically some form of "username" and a matching "password", and these credentials themselves are sometimes referred to as alogin. In practice, modern secure systems often require a second factor such as email or SMS confirmation for extra security.

A roaming user profile is a file synchronization concept in the Windows NT family of operating systems that allows users with a computer joined to a Windows domain to log on to any computer on the same domain and access their documents and have a consistent desktop experience, such as applications remembering toolbar positions and preferences, or the desktop appearance staying the same, while keeping all related files stored locally, to not continuously depend on a fast and reliable network connection to a file server.

Privacy-enhancing technologies (PET) are technologies that embody fundamental data protection principles by minimizing personal data use, maximizing data security, and empowering individuals. PETs allow online users to protect the privacy of their personally identifiable information (PII) provided to and handled by services or applications. PETs use techniques to minimize possession of personal data without losing the functionality of an information system. Generally speaking, PETs can be categorized as hard and soft privacy technologies.

User (computing) Person who uses a computer or network service

A user is a person who utilizes a computer or network service.

Apple ID is an authentication method used by Apple for iPhone, iPad, Mac and other Apple devices. Apple IDs contain user personal information and settings. When an Apple ID is used to log in to an Apple device, the device will automatically use the settings associated with the Apple ID.

Microsoft account

A Microsoft account or MSA is a single sign-on Microsoft user account for Microsoft customers to log in to Microsoft services, devices running on one of Microsoft's current operating systems, and Microsoft application software.

Social login is a form of single sign-on using existing information from a social networking service such as Facebook, Twitter or Google, to sign into a third party website instead of creating a new login account specifically for that website. It is designed to simplify logins for end users as well as provide more and more reliable demographic information to web developers.

In computer security, general access control includes identification, authorization, authentication, access approval, and audit. A more narrow definition of access control would cover only access approval, whereby the system makes a decision to grant or reject an access request from an already authenticated subject, based on what the subject is authorized to access. Authentication and access control are often combined into a single operation, so that access is approved based on successful authentication, or based on an anonymous access token. Authentication methods and tokens include passwords, biometric scans, physical keys, electronic keys and devices, hidden paths, social barriers, and monitoring by humans and automated systems.

References

  1. Metz, Rachel (20 July 2004). "We don't need no stinkin' login". Wired.com.