20 September 2009

Module 1 - Topic 2


OpenID

The web offers some neat services, but it can be frustrating keeping tabs on all those web accounts. (How many times have you forgotten usernames and passwords, lost the pieces of paper with all your accounts' details on it? Or, have it on a file on your computer, but not the computer where you need the information at this moment?)

OpenID offers a solution to the problem.


What is OpenID?

OpenID is an open protocol which allows you to use the same username and password for different web accounts.

This video explains how it works. (In the video My Vidoop is used as an OpenID provider.)

As you saw, it works like this:

Normally when you first open an account you sign up giving some details, including an email address, and choose an available username and password. A verification email is sent to the email address you have provided to verify that the email belongs to you. When you click on the link sent in the email to you (or use the code supplied) you are identified with the email address. This process is called authentication.

With OpenID you use a website address (URL) supplied by your chosen OpenID provider to authenticate yourself. The process is more automated. You sign in with your OpenID and the website goes directly to your OpenID provider for the verification process.

Why use OpenID?

You can now set up accounts and log in with the same username and password - quick and easy to sign up and sign in. No more creating 12 different usernames (because the one you wanted to use isn't available) and remembering passwords for all of them.

How to use an OpenID:

Not all web services make use of OpenID. When you see the OpenID icon (shown at top) or "sign in using your existing Google or Yahoo ID" it means that account has enabled OpenID authentication. So you can go ahead and sign in with your Google or Yahoo account details.














There are several OpenID providers :

  • OpenID.net's list has examples of URLs of popular accounts.
  • Wikipedia has a list of OpenID providers
  • OpenID directory can be a bit confusing to use but it is interesting to read the discussion on people's experiences with the individual OpenID providers.
Concerns about OpenID

When OpenID first became available there were some security and privacy concerns mentioned. Privacy may be an issue for you if you feel uncomfortable with the idea that your activities on the Internet can be traced. A security concern around OpenID is that it may be more vulnerable to phishing attacks, but if you follow the security advice discussed earlier it shouldn't be a problem.

General advice is to use OpenID for accounts where privacy and security are not important, but don't use it for sensitive accounts where security is very important.

If the Comments section below is not open .... click on the link to find participants' comments which could be helpful for this topic.
.............................................................................................................................

*** EXERCISES ***

*** FURTHER READING - Optional***
.............................................................................................................................

1 comment:

  1. ?? Did you know ?? .... If you have done the 23Things programme you already have several OpenIDs

    ReplyDelete