Microsoft has managed to hire a Canadian entrepreneur whose pioneering work in identity management may lead a lot more people to find out who he really is.
I first encountered Dick Hardt about four years ago, when he left the anti-spam firm ActiveState (later sold to Sophos) to create a new single sign-on system called Sxip. Pronounced “skip,” the technology was based on a network that would deliver personal information of registered users to trusted “home sites” such as banks and ISPs. It never really went anywhere – there were rumours of a buyout that never happened, then a lawsuit from angry investors – but it held a lot of promise. Someone in Redmond noticed.
Hardt has recently announced (hat tip to Tim Bray’s Twitterfeed) that he will be joining Microsoft as a partner architect in creating ID management solutions for enterprise, government and consumer users. In a FAQ on his Identity 2.0 blog, Hardt explained his motivation:
“My open source, open web and digital community experience will continue to guide my thinking. For me, this is an opportunity to work on the identity problems I have been toiling over for the last six years, but now with massive resources.”
A sellout? Sure, but selling out makes sense when you’re given an opportunity to pursue your end goal, and that’s what’s important here. Microsoft has been a dismal failure in identity management, whether it was the ill-fated project Hailstorm, Passport or now Windows Live ID. As we move into a more cloud-based, software-as-a-service world, trusted online authentication has never been more critical. If Hardt can help Microsoft build something workable, he will have achieved far more than he did as founder of Sxip.
What’s interesting is that Hardt’s mandate is not solely focused on business users. That’s a good thing, because a lot of the issues around identity management in 2009 and beyond will be coming up with access to services that cross both consumer and commercial lines. We all have a set of personal passwords now, just as we have a number of logins for various office-based software programs. What Hardt needs to do at Microsoft is figure out a way to making signing in once and recognizing that a user is still the same person whether they are at work, at play or (more often) somewhere in between.
None of this will be easy given the lack of trust around Microsoft, but I’m excited to see what Hardt will accomplish in Redmond. Maybe, just maybe, he can give the world’s largest software company a whole new identity around safeguarding and managing personal information.