• OpenID

last modified July 11, 2011 by strypey

With people using the web for more and more social functions, it becomes increasingly important for them to be able to manage their online identities. The IdentityCommons working group has formed to investigate these issues.

Around 2008, a lot of commentators were noting that having to remember a unique login (user name or email address) and password for every site and supply it again every time we use a networked service is becoming a major nuisance. One solution is OpenID, created by one of the oldest blogging sites, LiveJournal, as a way of using one piece of information to login to multiple sites across the web. It is now supported by thousands of sites, and since 2008 it has been adopted by most of the major players in some form.This may be because a lot of functions have been added to the basic protocol, and services added to make it more user-friendly.

Some criticisms have been made of the OpenID model.

  • Most revolve around trust/ security. I presume that these have either been solved, or turned out to be FUD, since there was a lot of bloggage around this around 2008, but most of the big players on the social web have now implemented OpenID in some form. 
  • There have been some calls to incorporate OpenID into browsers, possibly using Gears, so that people can use the multiple login function without any plug-ins or hassle
  • There have also been suggestions that actually having to login to a website is archaic, and that it would be better to login to your browser, and have it identify you automatically to every site you have an account on. I've been thinking this for a while. It would be necessary to login to more than one openID during the same browser session though. For example, I might have an OpenID for work purposes, associated with my work contacts, and a separate one for social purposes, associated with a nickname, and my home contacts.
  • Some have even gone further, asking why this isn't automatically done when you login to your desktop. The answer to this is simply that many people do not have secure desktops, or may be using a public computer. However, having the option to login automatically to your browser when you login to your own secure desktop on your own computer would be handy, for those who understand the need for a guest account when they let other people use their computer.