One Ring to rule them all – OpenID

November 9, 2009 at 1:42 PM | Posted in Identity Management, Web Technology | 1 Comment
Tags: , ,

Hello everyone..

A few weeks back, I came across a new term that has been getting rathwer popular since quite some time on the net – ‘OpenID’. Now, a lot of people  might be using it in some form or the other, but perhaps, not all of us understand what and why is it..

So, What is OpenID ? To understand it, first imagine how registering and using different sites work. Most of us are registered on various sites – these may be social networks (like facebook, orkut etc.), shopping sites, forums, and other such sites. Now, there are a few issues with how things work normally :

  1. Firtstly, registering on a site is a multi-step process which needs to be done repetitively – a recent study showed that many visitors avoid registering on a site simply because they are too lazy to fill up all the registration information. However, automatic form-filling (like in google toolbar) could help somewhat by automating the form-filling.
  2. The second problem, which is  what is of more concern, is remembering the password. Either the user keeps the same password on all sites which increases the chances of identity theft (you will be surprised at how many sites store your actual password and not its encrypted/hash value on their servers – ever got a mail from a site after registering, mentioning your password in the mail ? – well, beware of such sites). In the above option, if a a ‘hacker’ could get your password on any one site, he could potentially gain acces to your identity on all the other sites. The other option is that you keep different passwords on different sites   – but then, remembering them is a complete mess ! You either cannot remember them or you need to use some password manager to gain access – again a problem since it involves extra step and because you may not have access to the password manages on a public computer.
  3. A third problem, is that if you use many social networking sites, there is no link between the friends you have on one site to the friends on another site – you cannot simply add frineds on Facebook and then hope that the same would also appear in your friends list in Orkut !

In comes OpenID – “one ring to rule them all”  – it is like your one single identity across the whole web and one central/unified way of signing in towebsites. So, now, if you go to an openID enabled site and press register, all you have to specify is your openID, and then perhaps your openID password, and then the site where you are registering will pull in all your information and your contact information from the openID provider’s site (with your permissipon ofcourse) and you are done – no need to fill up forms, remember passwords of search for your friends !! Simple and effective. Also, because now your password is only visible to the openID provider’s site, and no other site sees/knows it, you only need to protect and remember a single passwors thus making identity-theft less likely.Also, if all your frineds on one site are using openID, its simple for any of the other site to pull your frinds’ ids from one site and add them to your friends listr in other !

Now that the concept of openID is clear, lets see what is openID – it is actually a form of URL (e.g. openid_provider.com/myname) – without going into too much technical detail, whenever you enter your openID URL to any site, that site will contact the openID provider website (openid_provider.com in the example above) and will authenticate you and your information. For more technical details on how it works, refer : http://en.wikipedia.org/wiki/OpenID#Logging_in

Naturally, the question that comes to mind is, who is openID provider ? Since the past year, the openID has become quite popular. So, many sites have  been providing openID – infact, you already might have one or many of them. For example, blogger (my blog url : https://itsaneesh.wordpress.com/ is actually also an openID), wordpress, livejournal etc. provide you an openID when you register. Google also makes an openID for you when you register (although, its slightly different in that your google openID has a long alphanumeric sequence as your openID) as does  flickr, yahoo and msn etc. (see : http://openid.net/get-an-openid/ for more details). In fact. for users of google – you might have seen “Sign in with a Google Account” button on many third-party sites – all of these are utilizing Google’s openID features)

An alternate way of getting ypur openID are from sites meant solely for this : some good examples are – http://chi.mp/ , https://claimid.com/ , http://www.yiid.com , http://www.myid.net/ , https://www.myopenid.com/ , https://pip.verisignlabs.com/

While understanding openID etc, I visited and created my openID on the above mentioned sites, and personally, I liked yiid the best (mine is at http://aneesh.yiid.com/)- as it gives you a page where you could mention all the sites/communities you are a part of and also, allows you to link multiple openIDs together so you could sign in to yiid with any of those. Another one I really like is chi.mp as it gives you a personal free domain (mine at http://aneesh.mp/) and a page which you can customize, along with a blog, photostream etc.

Lastlys, as openID becomes popular and the de-facto standard for logging into sites, the id will become a persons unique identity on the net – you go to a photosite, and see a photo or a comment on another site by  “http://itsaneesh.blogspot.com/” , you know its the same person who created this blog ! Of couse, this also brings about concerns of privacy – but you have the control on it – its no different than real worls – you have one unique face and you are known by it – you simple hide it when you want to do something you don’t want people to associate with you !!

So, now that you are more aware of what is OpernID, hopefully, you will start noticing its existence and its advantages at more and more sites – share with me on how you feel about it. And if you still don’t have one, well, what are you waiting for ? – go, claim your identity !

Enjoy !

Aneesh..

PS : I still cannot decide which platform is better for blogging – blogspot or wordpress. Till the time I do so, please find the same post also at :

http://itsaneesh.blogspot.com/2009/11/one-ring-to-rule-them-all-openid.html

Create a free website or blog at WordPress.com.
Entries and comments feeds.