Microsoft is to base the next version of its Passport service on the open source Kerberos encryption protocol, despite its controversial history with the protocol.

In using Kerberos, Microsoft aims to beef up Passport's security, which could pave the way for rivals to produce compatible competing products, rather than proprietary rivals - which would defeat the premise behind Passport.

A critical part of Microsoft's Hailstorm web services strategy, Passport is a central store of customer information

The service lets consumers avoid having to keep re-entering their details when visiting new websites. Rivals such as AOL are thought to be working on competitors to Passport.

Passport has come under fire from privacy advocates who say its security is easy to bypass, and who question the wisdom of having such a large base of customer information under Microsoft's protection.

As a result, Microsoft has changed Passport to require less information from users wishing to open an account and has now [Thursday] turned to Kerberos, a portocol developed at the Massachusetts Institute of Technology which has a reputation for providing high levels of security.

However, Microsoft's track record with Kerberos is somewhat dubious, leading some industry commentators to doubt whether Microsoft is looking to make Passport truly compatible with rival products.

Last year, the original developers of Kerberos attacked Microsoft for customising the protocol in Windows 2000 to the point of turning it into proprietary software.