A first look at OpenID

Published on 2007-03-14 by John Collins.

The OpenID authentication protocol looks very promising. A number of efforts have already been attempted to provide a single sign-on service for various sites, but they have often failed because of political or technical reasons. OpenID looks different as it seems to have widespread, growing support.

OpenID is a distributed network of user accounts, where a user is identified by a unique URL. The URL in question is a real location on the Internet which points to a provider of OpenID accounts, e.g. MyOpenID.com. When a user attempts to log into a site which supports OpenID they provide their unique URL: the site then forwards the request to that URL where the user must provide their password to log in; and they are then returned to the site requesting the authentication once they have logged in successfully.

It all sounds pretty promising so far, and I may look into adding OpenID support to Alpha for the version 1 release. More reading for those interested:

Some well-judged criticism:

OpenID still open to abuse