Last night I decided that I’m tired of not knowing what OpenID is all about, so I got one and learned how to use it, and thought about whether or not it is a good thing.
So the big idea as I understand it is that people should be able to have one login for all internet sites, instead of having to create an account at each of the 42 web sites that you use. This can be accomplished via the use of a single trusted source (that being your preferred OpenID provider), and having other web sites defer to it for authentication. Sounds good, right?
If you want to experience this for yourself, here’s how you can do that:
- Set up an account with a trusted OpenID provider. I set mine up with Verisign because I trust them.
- Go to a web site that supports OpenID and login with your newly created OpenID. Try Plaxo.
- Use the OpenID login you created (such as http://[username].pip.verisignlabs.com)
- Fill in whatever information is requested (this is made easier by the OpenID provider if you’ve fully set up your profile already)
- Determine whether you want to trust Plaxo forever, until a specified date, or just for this one moment
- Click “Allow”
So there are a couple of things going on here. First, you’re doing the work of setting up your OpenID up front, so that you may save yourself some time later by not having to re-enter that information when you login to a web site that supports OpenID. Second, you’re setting up your trust relationship with Plaxo up front, so that when you need to login there again, all you have to do is enter your OpenID (such as http://[username].pip.verisignlabs.com) and you are into the site (unless you are not currently logged into your OpenID provider’s site).
What does it all mean? Well for one, you don’t have to remember a password to login to Plaxo or any other web site that supports OpenID; you only need to remember the password for your OpenID and the string that represents your username (such as http://[username].pip.verisignlabs.com or http://[username].myopenid.com, depending on your provider). Additionally, you are you across all OpenID supported sites since your OpenID is unique.
It also means that you have to hope that the entire internet supports OpenID at some point in the future, if you only want to remember one password. If this really is your goal, I don’t think OpenID is your answer; you’ll fare better with some sort of locally installed software package that manages your internet credentials for you.
So all in all, I like OpenID, but it needs much more support. Specifically, I’d like to be me across GMail, Yahoo, LinkedIn, and Facebook for starters. In the meantime, if anyone out there knows of some good online identity management software that I could install locally, please comment here and let me know about it.