I first heard about OpenID in 2005 and have kept hearing about it more and more since then. I never actually jumped on the bandwagon and started using it though – until now. I won’t go into the details of OpenID because you’ve probably heard about it just as much as I have. The goal of the OpenID is to reduce the number of accounts and identities web users must manage on various websites and instead just maintain a single online identity.
If OpenID is so useful, why has it taken me this long to begin embracing it? At first it was a bit of skepticism. Why would I delegate my identity to an OpenID provider? I was always taught not to put all of my eggs in one basket. It just seemed like trusting my entire online identity to one provider/service was a bad idea.
I never actually took the time to read up on how exactly OpenID worked and just didn’t feel comfortable changing my workflow to support something that had yet to tout large adoption rates. After a while it all started to make sense. Why have my identity with one site and another similar identity with another site and so on? DataPortability comes to mind. Users should have the ability to easily control their identity and personal data for any site or online community to which they belong.
For the average web user, one that doesn’t own a domain, OpenID probably won’t make sense for some time. Tony Haile pinned down some of those reasons in a recent post about OpenID. Maintaining an online identity is all about merging a personal brand and communication identifiers to authentication. Logging in with a generic OpenID URL does little to create a fluid user experience and tie those three identity elements together. I didn’t like using an OpenID service whose authentication URL wasn’t under my “control”. Logging in with my domain feels better, even if I do end up delegating that to an OpenID provider.
<link rel=”openid.delegate” href=”http://clickpass.com/public/pauls”/>
Fortunately that issue is waning away as OpenID providers like Yahoo! allow people to use more personally-meaningful URLs, such as their Flickr photos URL, for OpenID. Ideally, OpenID URLs should be tied to a real profile of that person and be more than just a URL, an identity.
Naturally, OpenID is pretty useless if the sites you use regularly don’t support it so that was a big reason why I didn’t feel the need to use OpenID.
Clickpass did it for me
Clickpass made me rethink OpenID. A mixture of their seductive site design, pleasant and clear UX and clicking to login to (supported) sites made it easy to use. Clickpass still faces the initial OpenID problem – adoption. There aren’t many sites that support Clickpass, yet. Regardless, Clickpass makes for a stellar OpenID provider.
With that being said, I’d like to announce that Skribit now supports OpenID and Clickpass. It’s one more site you can give your new Clickpass account a test drive on.
Your Turn
Do you embrace OpenID and Identity 2.0? What sites do you use your OpenID on? Who is your OpenID provider? Is OpenID here to stay? I’ll go first: (1) Yes, (2) Basecamp, Skribit, Hacker News, Jyte (among others), (3) Clickpass and (4) OpenID has the support of large corporations as providers but those corporations have yet to actually use OpenID themselves (the canonical example being Flickr not supporting OpenID login even though Yahoo! is a provider). Give it some time, OpenID here to stay.
Related
If this stuff is interesting to you, you might like this as well:
- Chi.mp – Content Hub and Identify Management Platform and their identity blog
- demand.openid.net
- Vidoop – OpenID provider with a twist: no password, at all.
- Misc writings by Chris Messina
- 37signals Why OpenID page
- Why Should I Use OpenID? at Hacker News
Tweet This
Stumble This
{ 4 trackbacks }
{ 47 comments… read them below or add one }
Interesting. I did consider trying out this whole OpenID thing a few years ago, but I never really got to it. I see it around a handful of websites, but not nearly in as much places as it could be. Yea, it’d be cool if more places adopted this. Then it’d be easier for everyone else to get OpenID’s. Also, I definitely know that a lot of people look at OpenID just like you did, Paul. The whole idea of keeping all your eggs in one basket being a bad idea applies to a lot of people.
More from author
Actually, the cool part is you can basically supplement your authentication using any method you’d like. For instance, you can get a PayPal/Verisign Security Key for $5 and then link it to a Verisign PIP account (their OpenID service). So, you can get something *way* more secure than a password and inject that kind of security into any site supporting OpenID.
You can do this for other types of authentication methods. Fingerprint scanners. Facial recognition. You name it. If you can code it to speak OpenID, you can be way more secure than a simple username/password combo. And more importantly, it’s a lot easier to be that kind of secure.
I know Invision Power Board is supporting it in their next version. I’m sure vBulletin will follow. That means most forums out there will end up supporting it. That’s going to do wonders for adoption.
More from author
Site note: Going to enable OpenID on your blog here? ;)
More from author
I love this whole idea but what if I already have accounts on those services!
More from author
I’ve hit a snag on the user side: I know I have an OpenID somewhere, but I forget where. Since multiple sites offer to be my credentials, that’s just more confusing. Especially when many of these sites also allow local usernames, that I already have.
@rmaspero – you can easily merge accounts
@markzero – i guess you can say that’s the downside of decentralized identity management.. but the only one really. just gotta remember who your provider is. :-)
More from author
While there are reasons to believe that OpenID is going to be the target of a new breed of spammers, I did embrace it, only after I found the option to link it to my own domain: MyOpenID gives you the option to set up your own OpenID (sub)domain.
Must say that it does take away the extra trouble and it still gives the feel of a personal touch, rather than yet another connection to flickr, wordpress or whatsoever.
More from author
I use myOpenID, but after you talked about Clickpass and posted those screenshots, Imma try it out right now! :-)
More from author
@Tim Dorr – try it now. :-)
More from author
Guys, here’s the link to the OpenID plugin if you want your blogs to be OpenID enabled: http://wordpress.org/extend/plugins/openid/
More from author
“Clickpass made me rethink OpenID. A mixture of their seductive site design, pleasant and clear UX and clicking to login to (supported) sites made it easy to use.”
Is “UX” supposed to be “UI”? If not, what is UX?
More from author
@Mike Skalnik – User Experience. It all flows together really well.
More from author
Yey, just trying out the OpenID form. Seems to work pleasantly. :)
More from author
Just trying out the new OpenID form. Seems to work pleasantly. :)
More from author
Doesn’t seem to work with my wordpressblog delegating to clickpass…
More from author
Works swimmingly, provided you see this post ^_^
More from author
I think the only two sites that I use w/ OpenID, on a consistent basis, are Backpack & Ma.gnolia. There are more I probably could use but, at the moment, those are as far as I’ve gotten. When we used Basecamp internally at the office, being able to switch between that and my personal Backpack pretty quickly was a nice perk.
claimID is my provider and I use their service as aggregation for all my social media profiles, mentions, etc. Kills two birds with one stone. Certainly going to checkout clickpass though, looks pretty slick.
More from author
I abandoned browser bookmarks once and for all last week, and decided to sign up for del.icio.us or ma.gnolia for the tag-goodness. Surprise, ma.gnolia requires OpenID authentication and that was a real turnoff for me. I wanted to try the service out, but didn’t want to spend the time researching delegation. They lost me to del.icio.us without a fight (and I’m loving it). Basing an entire service’s access on OpenID is a downgrade for me, but I like the possibilities.
More from author
Hi Paul,
Thanks for the great review. It’s great to see both that you’ve had such a good experience with Clickpass and of course that you’ve added it to Skribit. Good to have you on board.
More from author
Your questions:
1) yes
2) Ma.gnolia, Plaxo, Venteria
3) usually myOpenID.com but I switch providers sometimes
4) Only if at least one of the big companies (Google, Yahoo!, Microsoft,…) will become a relying party (=allowing OpenID logins on all or at least most consumer properties), preferably this year.
More from author
Hi Paul- I’ll echo most of the posts here by saying, yes- I’ve tried OpenID before. I also went ahead and hit clickpass today… and yes, it looks nice. I’m not sure about how much actual use I’ll get from it though.
Could you elaborate on your code snippet ‘link rel=’ etc? I’m STILL not sure how the whole OpenID thing works when you want to use your own domain… and that’s something that is certainly lacking (feature- and documentation- wise) on the clickpass site- I just didn’t get enough from the FAQ question about delegation.
Also- a list of all sites that clickpass supports would be killer (or a bigger list- or is “new sites” all of them? hmm)- I’m sure there are lots of sites I’d love to try out that I just don’t know about.
great site, btw!
More from author
There’s a lot of power that goes behind using a URL as a form of identity. I also think that it won’t be logically difficult for users to adopt, if the URLs are easy to remember. This is up to the service providers. For example, if johndoe@yahoo.com can be remembered easily, surely johndoe.yahoo.com can be. More thoughts here:
http://socialgraphtheory.com/2008/graph-concepts-you-are-your-url
More from author
http://github.com/alx/openid-server/tree/master
I’ve made this openid php server to be put on your webhost if you want to host your own openid server (and not depend on external website).
Configuration is pretty simple, and you can fork the project to add your own code :)
Have fun
More from author
OpenID is just passport 2.0. This is exactly what Microsoft was trying to create all those years ago. The only difference is that it is now open. There are however still massive problems. Such as all a spammer needs to do is create their own openID server(s) and they are logged in.
Also, if you run your own OpenID server you will find out how easy it is to spoof being someone else.
More from author
@rick: The code snippet Paul posted has to be put in the head section of your website or blog. The first line tells the relying party (=a website that accepts OpenIDs for login) who is your OpenID provider (in this example it’s Clickpass), the second line includes Paul’s username at Clickpass. So Clickpass knows who it should authenticate.
This is called delegation and let’s Paul use paulstamatiou.com as his OpenID; he doesn’t have to use the Clickpass URL. If Paul decides to switch the OpenID provider he just has to change those lines of code and is still able to use paulstamatiou as his OpenID.
More from author
What are the benefits of using Clickpass rather than MyOpenID besides the nice button? I don’t really get it, sorry.
More from author
Very cool that you support openID on Skribit. How hard/easy was it to integrate that service into the Skribit system?
More from author
I ripped accounting out of my hobby app in development and went all OpenID thanks to Clickpass. Although the documentation/tutorial flow is a bit odd at times, I thought their approach and diagrams did a better job of explaining OpenID than I’ve seen before.
http://poetry.heroku.com
I think OpenID will catch on if it gets a widely-used killer app that pushes using that rather than standard redundant accounts. However, this makes me nervous because big companies that make widely used apps have an incentive to become a provider but *not a consumer.* Someone needs to figure out how to turn that around. I don’t see the individual accounts being a big enough problem for the average user to go grass roots any time soon.
I use Clickpass as my provider, primarily. I have at times also used my Yahoo!, LiveJournal and Blogger accounts, but mostly for testing.
More from author
Yes, I use it. Mine is through MyOpenID, though, so I was on before this Clickpass thing took off and haven’t really bothered to check it out because I am lazy. ;) I use it for any and all sites that accept it with the exception of anything that uses financial or other personal information. Those I have a separate sign-in for. It definitely reduces the number of passwords I have to save, but I’m still at about 140 new accounts over the past year.
More from author
I do use it, but pretty much only because basecamp lets you link accounts that way. :)
More from author
I first learned about OpenID from Security Now #95 and have been a fan ever since.
It is fairly easy to implement and I recently implemented it on a personal project I am working on.
Security Now episode: http://www.grc.com/securitynow.htm#95
More from author
Thanks for the heads up, Paul. I learned about OpenID a little while ago, and like you and a lot of commenters here, didn’t really see the benefits because of the low adoption on many sites. But I’ve just started using Clickpass as my provider, and it’s making life easier already. Hopefully we’ll see an explosion with OpenID soon, with more sites adopting it.
More from author
Hey, I finally signed up for an OpenID and I think I like the idea. I wonder if I can add my blog url, so that other readers have better contact options other than email.
My first comment with OpenID using Clickpass.com
More from author
Hey, this is actually awesome. I just added the lines you added to this post to my blog header file (Wordpress blog) and now my URL equals my OpenID thing. Yay!
More from author
Ok, so I’ve been playing with openid for the last day, because paul really did inspire me to dig more deeply. I did the redirect deal so I could use my site url for login and I also checked out PhpMyID which allows you to set up your own openID server. While both are technically interesting, I’ve got to say- for the average user, and possibly even some more advanced users, OpenID is still pretty much useless.
It’s one more thing to set up (and the myopenid setup isn’t short). It’s one more thing to go down (yes, clickpass even had downtime yesterday). And it’s just not *enough* benefit for a “normal” user to go out and do it. Not to mention, UX at clickpass is good, but at other sites it just plain SUCKS! I opened a buxfer account using openid yesterday- even though my account was created, I got an error message (ugh). Hit refresh and the message is gone, my new account page shows up (so it wasn’t an error?), but my username (which displays on every page) is the hideous “openid_123975″ *yuck*
I mean, I REALLY like the idea of having some site (facebook/flickr/google/etc) automatically giving you an openid you can use anywhere. I think users will certainly start to do that as more sites incorporate the “log in via facebook/flickr/google” option like Buxfer has. I just don’t see anyone other than us dorks and nerds (and geeks) going out and actively getting an openID and jumping through these hoops.
More from author
I think OpenId and Clickpass are good ideas. I personally dont have an account in both because i dont feel like I want to, but maybe in the near future and when my list of usernames and passwords becomes too complex maybe I will.
More from author
1) Yes, we embrace OpenID and Identity 2.0
2) Use my OpenID on Plaxo, CNN Political Market, 37 Signals, Google Blogger, AOL’s Ficlets & Propeller, and lots of blogging and discussion group sites.
3) My OpenID provider is myOpenID.com. MyOpenID.com supports SREG, Attribute Exchange, Infocard Integration, SSL Certificate integration, Anti-phishing site verification, CallVerifID phone-based multi-factor authentication, multiple personas, and many other features. Other offerings include solutions for organizations to issue OpenIDs to employees, partners, members, and customers.
4) Is OpenID is absolutely here to stay.
More from author
The ability to merge my accounts make this sound more appealing
More from author
I like OpenID a lot, (though not so much how Blogger sets itself up as your default provider).
More from author
Do you embrace OpenID and Identity 2.0? What sites do you use your OpenID on? Who is your OpenID provider? Is OpenID here to stay?
OK, now to answer those questions:
1. OpenID is great — I love the idea, and how it can be as secure as you decide to make it.
2. I use it on your site, the Fedora Project site, as well as other random sites that accept it.
3. Fedora Project account system is my provider.
4. It’s here to stay.
More from author
All I know is that I’m growing tired of opening up Apple’s Keychain to jog my memory when it comes to usernames and passwords. Some get stored in Autofill and some do not. Maybe it means I need to cut back.
On the blogging front, I seem to be noticing a lot of peeved bloggers and commenters who really dislike OpenID, especially when visiting Blogger blogs. Adoption in this area is going to really need a kick if OpenID is really here to stay. When forums start implementing OpenID as another poster hinted at, it will definitely gain some traction.
More from author
I like the concept of Open Id but its not going to be big unless big company’s like Google and Micorsoft push for it. They have no incentive involved in doing so. Microsoft uses its livespace id and Google uses its own google id as passport for all its associate. Yahoo is the only company which has been pushing for Open Id concept. I, as a user, would not like to use any company other than bg 3, to handle and authentcate all my ids on the web. The examples that you mentioned do not have that brand image in the web world.
Will be writing some more stuff on Open Id on my blog. Watch for it @
http://seeunforeseen.blogspot.com/
Just testing OpenID
More from author
OpenID is the way to go. Extremely simple, works great.
More from author
As long as we can host our own OpenID’s this is nice. Forget about the centrally stored OpenID services…
1 hack worth a million… yeah you get the point.
Exactly the same thinking as me :
- scepticism at first
- just adopted it for most sites last week (myvidoop.com)
1. OpenID is great
2. If a site accepts it, then I merge my account with my OpenID
3. MyVidoop.com
4. It’s here to stay and in a few months/years all newly born baby will have one by default.
More from author
The Clickpass interface is definitely gorgeous, and much less frightening than that of other services. However, I have my reservations about their start page, that, while beautifully Spartan, provides almost too little information to the newcomer. Oh, well, better not enough than too much I guess…
More from author