What is OpenID? According to OpenID.net: OpenID is a free and easy way to use a single digital identity across the Internet. With one OpenID you can login to all your favorite websites and forget about online paperwork! Wow, that sure sounds great.
OpenID is a great idea. One place to login! Imagine not having to remember your username and password for the multitude of sites that you need to login to. Once you have signed up with an OpenID provider, like one of the ones below, you will then just need to enter your OpenID URL into a supporting site’s login page; and if you have not already authenticated with your OpenID provider you will be asked to login, and if you already are authenticated you will be logged into the site.
OpenID also assists with transferring information like Name, Location, Profile Icons and so on to the site. This helps in that you don’t need to retype this information as much as you used to for each individual site you signed up on.
The main drawback to OpenID is that if your username and password are stolen or phished, then all of your registered sites then become targets. While some OpenID providers try to alleviate this (by using image verification or two-factor authentication), the majority do not.
The following is a list of suggested OpenID Providers, along with a quick summary and the pros and cons of each:
MyOpenID is run by a company named JanRain, who was an early adopter and promoter of OpenID services. A leader in the industry but also a small company. Look for them to be acquired in the future.
Pros: A widely used provider. Allows you to set up a customized OpenID URL, such as openid.yourdomain.com. Major supporter of the OpenID Standard.
Cons: The company is not “big”, so they have an unproven track record.
Think you don’t have an OpenID? Google recently joined the multitude of OpenID providers out there by offering OpenIDs to all Google Accounts. So, if you have a Gmail address, you already have an OpenID! Visit their account page, sign in and get your OpenID URL for signing up with OpenID compatible sites.
Pros: Many people already have Google Account access, Google is a stable company with a track record of security.
Cons: Google knows all.
ClaimID is an OpenID provider which has more than just OpenID. You can “claim” URLs that are yours, and save them to a profile page. Afterwards, you can use your ClaimID URL (which also serves as your OpenID URL) to log into OpenID sites. ClaimID differs from other providers in that they give you a “profile” page that you can send other people to. You can also import images from Flickr, links from Del.icio.us, and more.
Pros: One of the more consumer-friendly OpenID providers, a profile page is included.
Cons: The site seems to be still in the beta stages. An unproven track record.
Verisign Labs PIP
Verisign Labs Personal Identity Provider is the OpenID service from the well-known security firm. Their service is ‘plain’, which is a good thing in my opinion. Also, unique to Verisign PIP is the availability of using two-factor authentication with your openID login, further securing access to your websites. For more information on setting this up, see my post on integrating two-factor authentication. They also provide a free Firefox addon which will automatically fill in your OpenID url on websites; and gives a visual representation if your OpenID login is currently valid.
Pros: Only two-factor provider I found, well known security company. Free OpenID Firefox addon.
Cons: OpenID URL is hard to remember.
For a full listing of OpenID providers see: http://openid.net/get-an-openid/
In summary, you use OpenID to consolidate your logins. Currently, the main drawback is that not many sites accept OpenID as a valid login. Some major ones, Blogger, WordPress, and more [ ] are coming online. Look to see a slow adoption at first, then a ‘tipping’ point where many sites will follow. From indications I’ve seen, it will not be long before we see major OpenID adoption among blogs, news sites, and more. On the tail end, and after the technology is proven, we may see banks and other “high security” sites accept OpenID.