Geekularity

OpenID is an up and coming authentication standard that allows you to log into participating web applications using the same credentials for each. No more having to remember different usernames and passwords. You can authenticate with an OpenID compatible web service using a unique URL instead of a username and password. In my case the unique URL is http://seanosteen.com. Since this URL is unique to me, I do not need to worry about someone else registering the same username and blocking me. My authentication URL will always be http://seanosteen.com for as long as I own my own domain name.

Of course, right now, this standard is still in its infancy. Many more sites need to support it, and many *many* more users need to start using it in order for the technology to gain the necessary critical mass. Give it 3-4 more years, and I think most commercial websites will support OpenID authentication.

OpenID will thrive in an arena where other federated or single sign-on services have not, and here’s why:

1. OpenID is just as its name implies, an open standard. Anyone can implement an OpenID provider service, and there is no way for a big corporation to force you to use their service over another provider. They can only attract customers with better service and value-added solutions.
2. It’s easy to get started using it. You can sign up with any number of OpenID providers and receive an OpenID based on one of their accounts. With a little bit more work, you can setup a delegation to make your website or blog your own OpenID. I strongly recommend the delegating to your own custom URL as this decouples your OpenID from your service provider which will allow you to change providers at any time with a minimum of hassle.
3. It’s easy to implement on existing web applications. There are code libraries and samples for implementing OpenID on just about every web publishing platform. Some of the popular content management systems like Drupal, Joomla, and Wordpress already have plugins available to use. Most of the blog publishing services like LiveJournal & Wordpress allow you to easily setup your blog’s URL as your OpenID.
4. It’s easy to switch between providers! The OpenID standard provides for a delegation model. This means that you can make an OpenID out of any URL which you have control over and set it up using the OpenID provider of your choice! This is how I made http://seanosteen.com my OpenID. Just recently in fact, I switched between my old provider MyOpenID and my new one Personal Identifcation Provider (PIP), by Verisign; and I did so in about 30 minutes. All I had to do on my end was to copy and paste two lines of code into the HTML markup on my website. I didn’t even need to visit any of the websites, on which I use OpenID, to make changes. They automatically picked up my new delegation and authenticated me using my new provider. It’s that easy! This is of course using my custom URL as the OpenID. If you use the OpenID provider’s OpenID URL, a little more work will be involved to associate your new OpenID with an existing account.

By the way, Verisign’s Personal Identification Provider (PIP) is still in a beta testing phase. But one of their cool value added services, and the reason for my switch, is the availability of multi-factor credentials, specifically their SecureID key faubs. My only difficulty in implementing the PIP OpenID service was that they have not published how to setup delegation to their service. So, I contacted support on Saturday afternoon, of the long Labor Day Weekend here in the United States. To my surprise, I got a very prompt and helpful reply within an hour from Gary Krall, the Technical Director for the PIP project. Kudos to Gary and crew for the amazing response time on a holiday weekend.