What is an openid and why do you need one?

You will notice on the comments page of this blog that this thing called an ‘openid’ is accepted in lieu of registering with the site or waiting for your comment to get through moderation. This is one of the cool new things I have been experimenting with and so far it looks promising.

If you are anything like me, you have more usernames and passwords than you know what to do with. Almost every time I try to pay my bills online I struggle with remembering what username and password I set for that particular site. Most of the time I end up having to send myself an email reminder, after I figure out what email address I used to sign up.

Enter the openid. It is a decentralized authentication and information distribution scheme which (I hope) will take the pain out of providing the same mundane details (name, dob, email, address, unique username, password, etc…) to each site you want to use.

Confused yet?

Here’s how it works:

You register with an openid provider. Myopenid.com is my favorite so far. This provider hangs on to your basic personal details for you, such as your name, email, zip code, country and language. They give you an openid url, let’s say for example trogdor.myopenid.com.

Once you go through the basic song and dance of creating your account there (the regular email confirmation, give us your details, make a password jig), you can set up different ‘personas’ that hold on to data for you. I won’t go into much more detail, but you select a ‘persona’ when you register for a site the first time that specifies what data to provide to that site (once you have an openid, register for my blog to try it out and see how it works).

Some of the more tech-savvy of you will be wondering now, isn’t this just like Microsoft Windows Live ID (the aging among us remember it as Passport)? Those of you who have no clue what that is are most likely the ones who use it the most; Hotmail, MSN and MSN Messenger all use the Windows Live ID. This basically means that if you have registered for a Hotmail account, you automatically have a login that works with MSN Messenger and any other Windows Live ID sites. The concept sounds cool, but in reality it never really caught on past Micro$oft products.

The main difference between Windows Live ID and openid is that Microsoft has total control over the database of Live IDs. If they want to use this data for less than scrupulous purposes, you are basically hosed. At least with openid, since anyone with a server and an internet connection can set up a provider, you can switch to another provider if yours acts unscrupulously. An interesting sidebar: Microsoft has actually embraced the openid standard and will be (if they haven’t already) allowing people with Windows Live IDs to use them as openids. Let’s just hope they don’t pull the last two steps of their usual embrace, extend, extinguish process.

So why do I need one of these again?

If it regularly irritates you that you have to sign up for yet -another- site just to read a piddly little article or leave a nugget of wisdom to educate an ignorant blogger, you will love this. I encourage you to try it out in the comment section of this post. You will even get a cool little openid logo next to your name (that will cause the uninitiated to bask in your unbridled coolness).

But it doesn’t work with all the sites I use!

Quit being a wimp, it is still cool. Just kidding, there is a valid rationale for embracing something new and innovative like this. First of all, there are already a ton of sites using openid and some big players signing on such as AOL and Micro$oft. A list of sites that use it is available here.

Secondly, by signing up and using your openid, you are contributing to a larger movement and essentially casting a vote saying “I grow weary of registering for anything and everything”. Web companies’ livelihood is usually based on keeping up with the trend. If enough people get on board, webmasters and programmers will respond with support.

Some icing for the cake

The last cool part about some openid providers is that they allow authentication either with a username and password on their site or through something called a client certificate. Without getting too complicated, a client certificate is a digital identity verification mechanism built into your browser. If you have one of these (which myopenid.com installs for you automatically when you create one from the menu), your provider will recognize you when you try to sign on to an openid enabled site.

A client certificate is cool for any computer that you don’t share, like your home desktop, personal laptop, pda, iphone, etc… You wouldn’t want to install one on a public or shared computer for a couple of reasons. First, anybody who uses that computer could log in as you. Second, it takes a few minutes to set it up (after the first time it is transparent though). If you are on a public computer, you can always just sign on using your plain old username and password for your openid provider.

I hope you see how useful this could be for those of us that register on lots of different sites and end up remembering lots of different passwords. And if after all this, you don’t see it, get one anyway.
