OpenID - is it worth it?
Sep
17
Maybe some of you out there is already using OpenID. Some of you might not even know what it is.
With OpenID users doesn’t have to register on every site (and blog communities like Livejournal) they want to be a member of the OpenID does it for you, which means that you only have to have one login name and one password for every login page you go to.
However, there aren’t many sites offering this OpenID on their site. It is still quite new and there are a few flaws to consider before you implement it to your site (or use if for yourself):
- Huge risk of phishing - Site that claims to support OpenID can during verification send you to a page that looks like yours and then steal your password or any other information.
- The spam risk is very high - You can get automated and fake users/robots that logs in to your site and creates suspicious content.
- It’s still new - The OpenID technique is still very new and it doesn’t have enough users or traffic to make it work like a charm. We all remember when WordPress was new, right?
I would say that OpenID can be a great tool in the future, but it still needs a lot of work to get me to sign up and use it.
Are you using or have you used OpenID? Tell me how it works/worked for you!
Filed under: Geek
I don’t use it, and have no intention to. I am great remembering things though, so probably that’s why :)
Posted on September 17th, 2007 at 12:49 pm
It works fine for me.
I have tried several OpenID
And the future is present already.
I support OpenID now not tommorrow.
Posted on September 17th, 2007 at 1:51 pm
I haven’t looked at it yet, but I have thought about it. But with all those risks, I think I’ll wait until it’s safer to use.
Posted on September 19th, 2007 at 2:38 pm
Here we go again with the chicken and the egg.
For Jenny the chicken comes first.
Jorge is working with the egg already to see the little chuck come out healthy and strong.
Rhys doesn’t have to remember docens of sites logins.
But Rhys has to write ID and Password every single time.
Posted on September 19th, 2007 at 3:34 pm
I’m already using it, and I do in fact sometimes come across sites where I want to make a comment but they require me to sign up or sign in using OpenID :)
Also, the risk of phishing is dependant on your OpenID provider. For example, they can let you upload an image that will be displayed on your login page, so when someone redirects you to a fake login page you won’t see that image and you’ll know it’s fake.
The spam risk is just as high as with e.g. anonymous comments such as these. I suppose you also have an anti-spam system installed which you can also implement for OpenID.
And as for the fact that it’s still new: that’s not really a problem. I mean, it wasn’t such an effort to create an OpenID and when a site doesn’t support it, I just don’t use it. It’s that simple :)
Posted on September 23rd, 2007 at 6:24 am
I use OpenID and I like it. However, I don’t see it becoming a ‘mainstream’ thing until a major player jumps on board (discounting AOL) and says “hey, look! you all have OpenIDs; no go and use them”
Google, maybe. Yahoo!, possibly; neither will because they have their own Account type which they’d love to see become a Universal thing. Facebook login would work too - it works just the same as OpenID and everyone already has a Facebook account.
Posted on September 23rd, 2007 at 2:04 pm
I have been part of the community that evolved OpenIDv2 - that was two years ago. It has come a long way. The chicken egg problem is being solved in an interesting way. OpenID providers are creating ID’s for their user bases but not really telling everyone they have one (just yet) so every AOL screen name is also an openID http://openid.aol.com/screanname. They have not tole them this yet because….there are not enough Relying Parties to justify doing so. However knowing that there are 70million AOL users that have OpenID’s and could be told by the company they have an OpenID it gives Relying Parties the confidence to decide to take the time to accept OpenID’s. Then at some point the number of Relying Parties will reach a point where it makes sense for large Identity Providers like AOL to let their uses know they now have this new thing.
I am gald this conversation is happening. I hope more end users of the technology become involved in expressing their thoughts about where it all should go.
Posted on October 7th, 2007 at 12:35 pm
I think the problen OpenID would run into is ventage service providers like AOL if anything is tracked IP wise. then work have conncerns with browser scritping on the server side. Nice Idea but it could be more of a headache. I really don’t like “cookies” OpenID would be an issue for me.
Posted on February 13th, 2008 at 12:50 am