Do you have a facebook account, a myspace account, and a slew of other random accounts around the web? If you are reading this, you probably do. Because of all of these social networks and online services we have a lot of usernames and passwords that we need to keep track of. Some people try to always use the same username and password so that they don’t forget their login information, others use Password management software. Honestly, the idea that we need to have so many different logins that we need a password manager just seems crazy to me. Now wouldn’t it be nice if someone came along and created an open standard that sites could use to authenticate their users? Something that would allow each person to only have one username and password that they would need to remember? OpenID , is that technology. There are a number of sites already using OpenID, and soon there will be many more. With OpenID you control your login credentials (ie. username and password). You can even run your own OpenID server or use one of the many free OpenID providers.
So what is OpenID?
The OpenID website sums this up rather well, so I will quote them here.
“OpenID eliminates the need for multiple usernames across different websites, simplifying your online experience.
You get to choose the OpenID Provider that best meets your needs and most importantly that you trust. At the same time, your OpenID can stay with you, no matter which Provider you move to. And best of all, the OpenID technology is not proprietary and is completely free.
For businesses, this means a lower cost of password and account management, while drawing new web traffic. OpenID lowers user frustration by letting users have control of their login.
For geeks, OpenID is an open, decentralized, free framework for user-centric digital identity. OpenID takes advantage of already existing internet technology (URI, HTTP, SSL, Diffie-Hellman) and realizes that people are already creating identities for themselves whether it be at their blog, photostream, profile page, etc. With OpenID you can easily transform one of these existing URIs into an account which can be used at sites which support OpenID logins.
OpenID is still in the adoption phase and is becoming more and more popular, as large organizations like AOL, Microsoft, Sun, Novell, etc. begin to accept and provide OpenIDs. Today it is estimated that there are over 160-million OpenID enabled URIs with nearly ten-thousand sites supporting OpenID logins.” — openid.net
OpenID is a bit different than other authentication methods in that your OpenID is a URL. we have gotten used to giving a username or an email address out to sites across the web, but OpenID moves in a different direction by using a URL as the identifier. For example, my OpenID is thebristows.com , I have setup my website URL to be my OpenID. We have gotten so used to handing out our email addresses, but who wants to get more and more spam? I know I am reluctant to give out my real email address as the username at a site. So something needed to be used that could always be unique to an individual, and an actual username wouldn’t work across multiple sites because you could run into a username already being used by a different user. But a URL can be a unique identifier, so that is what OpenID has done. So I have adjusted my thinking to using a URL for an ID.
Now with my OpenID I can login to any site that is using the OpenID standard and not have to go through a bunch of hoops to use their services. In addition, I can change my OpenID provider at anytime (as long as I am using my own domain name as my OpenID), and not need to worry about my OpenID provider going belly up. I have chosen to use MyOpenID.com as my current provider, and if they close up shop I can just go and grab a different OpenID provider and link the new one to my website. This keeps me in control of my ID. My ID doesn’t ever need to change, and I like that. Or if I want to really have full control I can setup my own OpenID server.
Initial setup of an OpenID is really simple at MyOpenID.com and you can then link your MyOpenID to any domain name that you own by placing a small piece of HTML code into your <head> section on your root webpage. MyOpenID also gives you a URL you can use as your ID if you don’t have a website. For example in my case I could use jeffbristow.myopenid.com as my OpenID on websites that use OpenID. But I have added some HTML code to the <head> section of my website that allows me to simply use thebristows.com as my OpenID URL.
Another thing I like about OpenID is that I don’t ever give a username or password to anyone other than my OpenID provider, and if you run your own OpenID server, you never give your username and password to anyone except for yourself. Now, that sounds like security to me. This is far better than having hundreds of accounts across the web at different sites. This is really important for people who may use the same username and password across the web. OpenID allows you to have just one username and password, and gives you security in knowing that you aren’t handing that information to tons of websites around the world.
I have also added a plugin to my WordPress Blog so that anyone can leave comments, authenticating themselves with their own OpenID. And there is also a push to get WordPress to place OpenID authentication into their core files, so hopefully some future version of wordpress will utilize OpenID right out of the box.
Links to learn more about :