Passwords are hard. Even with password managers to generate and autofill them, they’re still a pain to use for all the daily logins in our lives. The problem is that there aren’t any great alternatives. However, the Web3 techs at the DFINITY Foundation are working on a promising alternative. It’s Internet Identity (AKA II), and it could reshape our online security. Here’s what we know.
What is Internet Identity?
Internet Identity is a Web3 (things that use blockchain computing) service that allows users to create an “anchor” for their physical devices, allowing them to sign in to compatible services securely. Instead of using password protection, Internet Identity uses a chip on modern devices to automatically generate disposable passkeys that are protected with Chain Key cryptography.
Think of it like a new, speedy way to authenticate yourself when logging in to a service. It’s also bound up in other Web3 concepts, like the ability to create multiple online identities for yourself, hence the name. It also hides your digital footprint, protects you from identity theft, and other benefits. All this is enabled under the DFINITY Internet Computer blockchain project.
Key Takeaways
- Internet Identity is a Web3 service that replaces passwords with disposable passkeys generated by a chip on modern devices, ensuring secure authentication.
- It offers advantages such as data security, protection against identity theft, and the ability to create multiple online identities.
- While it relies on Web3 and blockchain technologies, it does not require blockchain tokens, payment, or financial motivation, focusing instead on privacy and transparency.
How does Internet Identity work?
It’s a little techy. Still, it may sound familiar if you’ve used other passkey technologies. Users create an anchor identity that’s embedded in the Internet Computer blockchain and assign devices to that anchor. Those devices use a special TPM chip to generate hidden passkeys to sign in to Web3 services or dapps (decentralized applications).
These passkeys are enabled via biometric authentication or a similar type of security process (think Face ID) that doesn’t require a password. Then, a handshake protocol combines a public key and a private key, allowing users to sign in to compatible services automatically.
This approach has several advantages when protecting your identity online. First, there’s no password to hack, and even the TPM passkeys are entirely private, so no one else can access them when you sign in to a service. That’s pretty great for data security! And since a new session is created for every login, it’s harder for anyone on the other side to track what people are doing.
So this all depends on blockchain stuff, right? Is that safe?
Yes, it’s based on Web3 and blockchain technologies. However, unlike other stories that reach the headlines involving blockchain boondoggles, this is all fairly innocuous stuff. You don’t need to own a blockchain token to use Internet Identity. You’re not paying for anything. Developers pay for the blockchain computations on their end. The process was designed to stay away from financial motivators and focus on privacy.
Still, it’s very much a part of the Web3 world, and that association can lead to a lot of techbro nonsense and more dubious applications. But direct investment in blockchain isn’t required to make this work, and no one is trying to sell a cheap idea here.
What does Internet Identity work with?
Internet Identity only works with supported services via the Internet Computer Protocol. In other words, Web3 dapps and not much else. DFINITY and others are betting that blockchain authentication techniques like this will soon become the norm and that its protocol, in particular, will be widely supported. But that’s a big “If” right now, with many unknowns, although the service has lots of potential.
This is probably Internet Identity’s greatest weakness. It’s generally meant for Web3-compatible dapps like OpenChat. You’d have to visit each of your apps and logins and check to see if they support this kind of Internet Computer technology. Many of them, including popular social media, probably won’t unless you’re deeply embedded in the blockchain tech world.
What authentication devices do I need for Internet Identity to work?
This is the good part: Your average biometric login will do nicely. That can include fingerprint readers, facial identification features, and other technologies that are on our everyday devices. For those who want a little extra oomph, Internet Identity supports real-world passkey technologies like Yubikey to protect your digital identity.
Does Internet Identity cost anything?
No. It’s entirely free and open source. That’s an important part of the service, as it emphasizes privacy and transparency for your data.
Is all this better than passwords?
Internet Identity is more convenient when using dapps, and it’s very safe. It also makes it harder for big tech or social media companies like Google to profile you, but if you use dapps, this probably isn’t a big issue. And it provides an easy way to create multiple social identities for added privacy. You don’t even need to provide any personal information to use it. However, that also means it’s important to manage your recovery options properly in case something goes wrong.
Keep in mind that while you can’t be tracked with this method, it creates a trail within the blockchain. Theoretically, only you can access this with your seed phrase (that’s the point), but it exists apart from your physical devices.
How do I get started with Internet Identity?
You can visit the site and create an anchor any time you wish by following the step-by-step directions from your search engine. You’ll have to authenticate yourself and choose a recovery method like a seed phrase or a security key. Then you’ll need to add specific devices, like your Android phone, to your anchor so that they work properly. If you’re concerned about the nuts and bolts, visit their code on GitHub or ask the community more about it.
Now you know what to expect with Internet Identity
Internet Identity is worth your time if you use Web3 services or are interested in adopting privacy-friendly dapps. Its future, like the future of all Web3 at this time, is still cloudy, but it’s a solid foundation for authentication software. Plus, it’s entirely free and doesn’t require any iffy blockchain investment scams to work. That’s the Web3 approach we like to see, even if Internet Identity still has to prove it’s a good step forward for the latest decentralized internet activities.
