There is still so much talk about verified accounts. Not everybody in the world that has access to the internet and is able to use Second Life is also able to have access to credit on US terms, which the current payment info registration requires.

Another option is the e-mail verification. The step to not acknowledge verification from hotmail, yahoo, gmail, and any other anonymous e-mail provider is a plus. It doesn’t solve all but does cut out a lot of alt accounts.

The ability to allow such free entry while being able to defeat hostile grid attacks is a plus.

There are ways to validate accounts on a very strict basis. For example, you buy the key — one time fee. However, such key does limit free entry. Someone might not be so interested in SL if they know they have to go out and buy a key.

If the entry was strictly secure, there may be unknown risks with the world itself unable to handle some random or unintentional grid attack. Free entry has enabled, but not encouraged, grid attackers. The Lindens gain knowledge on better ways to deploy anti grid-attack measures on every hit. With strict entry security, such knowledge is only limited to unintentional events. Anotherwords, strict entry with complete validation still doesn’t stop someone from being able to attack the grid. (i.e. They probably don’t care if their real identity is known.)

I rather see better anti grid-attack measures over stricter validation, as strict validation gives a false sense of security that there would be no grid attackers.

Linden Labs should not be responsible to verify accounts. This can be done with agencies besides Linden Labs that do the verification. Very simple process that could be implement in world right now.

An external server would hold a key database. The database would be similar to the process that Blizzard has done. Unique keys are acquired by a user. The user then submits the key for verification. The key must be already registered within the database, which help prevents falsely generated keys. The keys can not be duplicated. If one key is activated twice for any instance needed, it is a concern. Blizzard usually bans accounts under such circumstances as duplicate keys found.

Scripts within SL can contact the key server to verify the key on hand. The key server reports back the status of the key or other data likewise.

The easiest thing to do with such keys is to allow access to a group. That group can be tested for within scripts for access features. Like if a member is part of a group, than they are allowed entry into a sim or that are able to use an object with permissions. This group access has already been done by hand without scripts and keys.

What I don’t explain here is how to associate a key owner to a registered key in the key server. Blizzard requires someone to go and buy a copy of theirs games, and each copy comes with a unique key. SL wouldn’t require you to buy a copy of their client. However, agencies probably could be setup to require their CC info first (if the must so desire such status quo) or other forms of verification.

I’d imagine their would be several agencies interested in being key servers. It could mean $$ for them.