5 reasons why you should take Single Sign-on seriously

F2MKE BlogA recent report by the credit checking company Experian warned that the average online consumer had 26 separate online logins but just 5 different passwords.

Two thirds of people have accounts they no longer use but have not closed down, leaving them vulnerable, the research found.  Every week we learn about new and major hacks leading to the comprising of our usernames and passwords.

In July 2012 we have already heard about the ‘loss’ of 450,000 Yahoo identities, over 1 Million Android forum IDs, 20% of all Microsoft account credentials – where they had been reused on other websites – and LinkedIn hacked twice in as many months.

It is all too easy to reuse the same ID – typically your email address together with your favourite password – when registering with different websites online.  The problem – and the very real threat – is that it only takes one of these websites to fail in keeping that ID and password safe and suddenly your online information and access across many different websites is in jeopardy.  What’s more, you may not even realise until you go to apply for a credit card, loan, mobile phone, or mortgage and are refused.  Perhaps worse still, the debt collectors come knocking upon your door!  Even if you do discover that a website you use has ben compromised, can you really remember all of the websites that you signed up to using the same ID and password so that you can sign-in and change your login credentials?

Standards-based Single Sign-on is one killer tool in your defence arsenal!  The following 5 reasons pretty much cover the benefits of using the Single Sign-on technology Oauth for your social online world and Shibboleth if you are in the classroom.

Popular Oauth Identity Providers include Twitter, Facebook and Google.  For more about the prevailing Shibboleth standard in education, simply search this website.

Now for those 5 reasons:

1) When you connect to a new website, application, or service provider using Oauth or Shibboleth, your username and password is not shared with, or stored in, that provider’s system.  If it’s hacked, your ID and password stays safe.

2) It is good practice, alongside having a complex password, to change that password often.  In the Shibboleth and Oauth Single Sign-on model, you can do this just once and in one place resulting in all of your other online presences relating to this change.

3) If you suspect that your password has been compromised, as with (2), you change it once and in one place.  No need to try to remember what you’ve signed up for and how to get there!

4) A single username and password for everything leaves space in your memory for other things; like remembering to pick-up some milk, or the kids, on your way home from work.  Oh and less reason to write it down too!

5) There are SO many great online resources out there asking you to sign up.  Can you really trust the honesty and security of them all?  With true Single Sign-on you can register with the peace of mind that they haven’t got hold of your username and password – often they shouldn’t even need to ‘know’ other personal details such as your name.

So there you have it.  Single Sign-on together with a ‘strong’ and frequently changed password will keep thing more simple and more secure for your online adventures.

Great WordPress plugin for converting your website to mobile app style format!

WPtouch Screen ShotWPtouch Screen ShotWPtouch by BraveNewCode Inc., is a WordPress plugin which formats your website with a mobile app style theme for visitors accessing your site from devices such as the Apple iPhone, or iPod Touch, Google Android, Blackberry Storm and Torch, Palm Pre and other touch-based smartphones.  I discovered it yesterday evening and I’m really very impressed!  Configuration was simple right down to setting up colour schemes and icons for each of your page links.  You can decide which categories and pages you want to display on mobile devices and whether to include links to RSS and email.  There is even the option to disable other WordPress plugins which may feature scripts that cause conflicts when used upon mobile platforms.  The WPtouch plugin is a brilliantly executed solution and best of all, it’s free!  Here are some screen shots showing rendered using WPtouch on  my iPhone 4.  Why not check it out for yourself?

Visit to read more about and download WPtouch.


Have a play with Tagxedo and create some stunning word clouds from your blog, tweets, search phrase and so much more!  Here’s one I made earlier…

F2MKE Tagxedo Word Cloud

Learn to Code

Gove announced at BETT 2012 that the Department for Education (DfE) is launching a consultation with a proposal to withdraw the existing National Curriculum programme of study for ICT.

Instead, teachers will be given the choice over what and how to teach.

So what will this really mean for our children of today and competitors for global jobs of tomorrow?  I absolutely agree that ICT as a subject should fast shift from lessons devoted to the frankly uninspiring teaching of spreadsheets and word processing (this should be embedded use of ICT across the curriculum anyway) and towards the exciting and essential skills that will tool up the Google and Facebook developers of the future – how else will we compete in a global knowledge economy?  But I fear that, given the choice of what ICT to teach and how to teach it, our children will be exposed to an education lottery. Now more than ever is not the time to devalue the need for brilliant ICT skills.

Hmmm… I’ve rather gone off on a tangent as I was going to talk about the brilliance that is – perfect for the classroom and the home.  Coding should start at primary school alongside the Times Table and Spellings 😉

Here’s what Michael Gove said at BETT 2012…

Google Chrome OS

Google’s Chrome Cloud focussed OS and Chromebooks combined with a Google Apps for Business or Education deployment, have the potential to revolutionise the business and education IT world by significantly reducing support and maintenance costs, improving availability – ergo productivity, bettering Total Cost of Ownership (TCO) and sustainability and delivering greener IT.

Here’s a great video that illustrates why a move to the Cloud makes sense…

What is Shibboleth and the UK Access Management Federation (UKAMF)?

Shibboleth is an open source and standards based software package for web Single Sign-on (SSo). It allows software services and applications to make informed authorisation decisions for individual access of online resources in a privacy-preserving manner.

In the United Kingdom, the UK Access Management Federation (UKAMF) provides a single solution to accessing online resources and services for education and research using the Shibboleth software.  Identity Providers (IdP) and Service Providers (SP) can register with the UKAMF by following a set of procedures and implementing agreed to policies.

The best explanation I have found so far about how Shibboleth and the UKAMF works is in the following video…

It’s all about me :)

Another infographic generator from This visually plots information based upon your answers to some fairly basic questions against the responses of over 200,000 previously surveyed people.

It's all about me infographic

Some easy to use and fully customisable inforgraphics generator tools would be fantastic! IBM’s Many Eyes online tool is a good start, but I want to be able to use my own base images, colours and stuff… Powerful in the classroom and in business.

The quiet Google Apps and Chromebooks revolution

Over the past few weeks I have been assessing how best we can deploy and manage a set of Google Chromebooks to be piloted across a group of schools.  We already have an enterprise deployment of Google Apps for Education with approximately 130,000 users grouped into around 450 Organisational Units.  The entire user and organisational management is efficiently streamlined using the Systems Interoperability Framework (SIF); new users, transient users and leavers are all near-time captured through SIF making account management a breeze!

How does this work?  (1) The school Management Information System (MIS) is updated – pupils and staff intake, leavers, or changes – and modifications are transported securely via SIF and the (2) Zone Integration Server (ZIS) to the Identity Management (IdM) server.  Here users identities are matched or created.  (3) Then the identities are passed via SIF to the ZIS and then (4) on to Google Apps.

SIF Identity Management

Now here’s the cloud clever bit… Before deployment to your users, each Google Chromebook is registered with your organisation’s Google Apps domain using the management console.  Here you can define a multitude of policy options including which applications, or extensions, a user should, or should not, have access to.  Policies can be defined for different organisational units – pupils and staff, sales and marketing, etc. – and updated at any time.  Any user who signs-in in to any registered Chromebook will automatically receive the profile relevant to them.  Organisational Unit policy changes are automatically applied the next time a user signs-in, or after a set time period.

Chromebook Management

This is a fantastic example of how simple, powerful, efficient and cost effective cloud computing really can be.  No expensive domain servers to maintain and house.  No network intensive traditional roaming profiles.  Easy management from any place in the world with an Internet connection.  Flexible and mobile workforce and learners.

The Evolution of the Web

Whilst trawling for information on Chrome OS and its supporting devices to understand how these might be deployed and managed across a large estate, I stumbled upon this great interactive infographic, built in HTML5, which details the evolution of major web technologies and browsers.

The Evolution of the Web

Live on YouTube

It’s official! YouTube is entering it’s next and possibly next best phase… Live streaming… YouTube coverage is easily everywhere; on our phones, on our games consoles and of course, on our computers.  So obviously the next step is to enter into world wide web that is live broadcasts.

YouTube Live

At the moment you have to be Google pre-approved – at the moment… So Pirate TV for the masses is, as yet, not a virtual reality. Your mobile device will have to wait too as there is no mobile functionality for YouTube streamers… Yet. All of these yets do make sense for Google, to see how the service might develop in a relatively controlled environment, to maintain a quality check and of course, to allow time for the momentum of the developing masses to come up with some interesting and killer app engaging ways of making this a must have service.

A cool touch is that you can click to add an upcoming live stream to your calendar.

Hey! Have a look 😉