
Online Overload – It’s Worse Than You Thought (2015) - dredmorbius
https://blog.dashlane.com/infographic-online-overload-its-worse-than-you-thought/
======
dredmorbius
A bit of background on this.

A few years back, another HN user commented in a thread that they had over 700
entries in their password manager. I chalked that up as a power-user problem,
though a notable datapoint. My own list is similarly extensive.

(packet_nerd reports this from 7 months ago, though I recall this being
several years ago.
[https://news.ycombinator.com/item?id=19488899](https://news.ycombinator.com/item?id=19488899))

Reading through an Experian report on online identity and fraud, the statement
that the _typical_ online user had "about" 100 accounts struck me. I've tried
sourcing this claim, which is uncited, and it seems strongly similar to the
Dashlane study linked here. The 100 services number is worldwide, for US
users, it was 130.

Which is from _2015_ , which is to say, four years ago, nearly five. The rate
of growth, which is often more critical than the absolute scale, is given as
15% per year. Which, applying the rule of 70, means the _doubling_ time is
five years. _If_ that trend has persisted, the number is now on the order of
200 - 260.

There are some caveats: Dashlane are apparently basing this off of a base of
20,000 users, who have an inbox-processing tool installed, which classifies
messages, and from which the accounts-per-user information is gleaned. Even a
20k _nonrandom_ sample of a large userbase my have profound biases (this is a
self-selected set of users who've installed a specific processing tool, etc.,
etc.), and it's likely that the actual overall median and mode values are much
lower. _But the values are still high and growing rapidly._

Upshot is that I really don't think that an accounts-based, relationship-based
approach to services can scale. In the spirit of "if something cannot go on
forever, it will stop" (Stein's Law), the question becomes _how_ this might
stop.

We might see a vast consolidation of services, the widespread adoption of
throwaway accounts, or some form of non-acount authentication (e.g., PGP
signed messages, rather than authenticated users). The likely direction is
quite uncertain.

