One for all

With OpenID becoming more widespread, the days of remembering loads of different login names and passwords may be coming to an end. Gareth Van Zyl explains all...

  • E-Mail
By  Gareth Van Zyl Published  December 29, 2008

With OpenID becoming more widespread, the days of remembering loads of different login names and passwords may be coming to an end. Gareth Van Zyl explains all...

You've had to remember all your different passwords for all those frivolous websites you visit and, inevitably, you've forgotten the one password you need to log into that one site that holds much of your critical data. Sound familiar?

Thankfully, in today's digital world you need not necessarily experience this frustration because it is possible to get a single ‘master key' that can make remembering hundreds of logins and passwords a thing of the past. Welcome to the world of OpenID.

What is OpenID?

OpenID allows web users to log in to an OpenID-compliant website using a single sign-in. These OpenID-enabled sites ensure that web users need not remember numerous usernames and passwords. Moreover, with OpenID, web users only need to be registered with an OpenID "identity provider" (IdP) while the technology itself is open source (free).

OpenID transforms a web user's blog, photo-stream or profile page's ‘Uniform Resource Identifier' (URI - basically a web address) into an account that can be used to log in to sites that support OpenID logins. In fact, you might already have an OpenID if you use one or some of the following online services: AOL, Blogger, Flickr, LiveDoor, LiveJournal, Orange (France Telecom), SmugMug, Technorati, Vox, Yahoo and WordPress.com, amongst others.

Your OpenID is in the form of a web address or URI. So, if you blog on Wordpress, for instance, your URI would look similar to the following - http://www.windows.wordpress.com.

To get one of these accounts, you'll obviously need to register with your chosen online service, and your username and password with one of these accounts becomes the only username and password you'll ever need to remember.

Bear in mind though that OpenID is still in its early stages, but it is becoming more popular. Apart from the online services mentioned above, large organisations such as Microsoft, Sun and Novell accept and provide OpenIDs, and it is estimated that there are over 100-million OpenID enabled URIs with thousands of sites supporting OpenID logins.

How does it work?

Firstly, to use your OpenID, log into your provider and click the ‘remember me' checkbox that should accompany your OpenID provider's login screen.

After you've logged into your OpenID provider, you can then navigate to those sites on the web that are OpenID compliant. Compliant sites will present you with an OpenID icon that should be visible somewhere on the page itself.

When you click on that icon, you will be redirected to a screen where you can enter your OpenID URL. That's all that you enter - no email, no password and no username are necessary.

You'll then be re-directed to your OpenID provider's website to give authorisation to the website you want to access and your OpenID domain will be the only login you'll ever need (if your OpenID is working properly).

Your next step will be to ‘white list' the site you want to access. This ‘white list' involves storing information on a file about all the sites you authorise. You will usually have the options of granting access to a site once or forever. You even have the option to deny the login process for a site altogether.

Finally, you'll be directed back to the site you came from. Only this time, you'll be logged in. The whole process usually takes about 30 seconds and it only requires two mouse clicks.

Who owns or controls OpenID?

OpenID is a product of the ‘open source' community and, as such, OpenID is not owned by any one party. Anyone can be an OpenID user or an OpenID Provider free of charge without having to register or be approved by any organisation.

3576 days ago
Brian Kissel

For any of your readers thinking of implementing OpenID on their websites, there are good open source libraries at www.openidenabled.com or full turnkey solutions at http://rpxnow.com You can see how RPX works at http://www.uservoice.com or http://www.interscope.com

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code