This is turning out to be quite a good week for OpenID, an increasingly popular mechanism for creating and managing a single identity across the Internet. On Monday, Microsoft announced that it would give every Windows Live user an OpenID account, and today, Google announced a very similar plan.
Google will allow web services to join a limited test of an API based on the OpenID 2.0 protocol that will give Google Account users the option to sign in to websites with their Google credentials and without having to sign up for a new account at those sites.
Among the launch partners for this new API are Zoho, Plaxo, and Buxfer.
One of the key results of Yahoo's OpenID usability study was that users did not understand OpenID and what its logo stands for. Instead, Yahoo promoted the idea of giving users a sign-in button that simply said "Sign In with a Yahoo! ID" (though Chris Messina argues that this could be detrimental to OpenID in the long run).Google and its partners are taking a similar route and are basically bypassing any mention of OpenID itself in favor of a simple message saying "Sign in with a Google Account."
Google also announced that it is looking to combine the OAuth and OpenID protocol so that a service can not only request a user's identity through OpenID, but also "request access to information available via OAuth-enabled APIs such as Google Data APIs as well as standard data formats such as Portable Contacts and OpenSocial REST APIs."
Thanks to this announcement, a wide range of some of the web's largest service providers now supports OpenID: Yahoo, Google, Microsoft, MySpace, and AOL.
As John McCrea notes, the result of these announcements from Google and Microsoft this week should be "a massive adoption wave for OpenID all over the web."
TrackBack URL for this entry: http://www.readwriteweb.com/cgi-bin/mt/mt-tb.cgi/8782
Comments
Subscribe to comments for this post OR Subscribe to comments for all Read/WriteWeb posts
Not sure if you covered this in another post Marshall, but regarding "Don't Mention OpenID", Chris has a good counter argument on that.
Posted by: will.norris.name
|
October 29, 2008 10:37 AM
err, Frederic rather... sorry, thought Marshall wrote this one.
Posted by: will.norris.name
|
October 29, 2008 10:38 AM
@Will - thanks for the link! I was not aware of Chris' arguments, but I think he makes some really good point about OpenID and the user experience there and I will add it to the post.
Posted by: Frederic Lardinois
|
October 29, 2008 10:44 AM
Any idea how open id links in with Google Wallet or Yahoo Wallet?
Posted by: Ted Murphy | October 29, 2008 10:55 AM
It's definitely exciting to see the support for OpenID that's been displayed the last several weeks with Yahoo!'s findings, and Microsoft and Google both serving as providers.
What I'd like to see next, and an area where I think OpenID needs to improve before it really explodes in terms of usage, is a more transparent authentication process. It's a bit more reassuring to be directed to a site like Google or Yahoo! that a user is at least familiar with to login, but it'd be even better if that could be done behind the scenes for a more seamless user experience.
Posted by: Tim | October 29, 2008 11:11 AM
I really think you need to be pointing out in these OpenID posts (applies to the MS as well) that these companies do not actually "support" OpenID, they use it. Providing but not consuming, does not equal supporting!
Also, Google's repurposing (and hiding) of OpenID seems like a dilution of the concept. This is a side-stepping the 'game-changing' aspect of OpenID. I never thought I would hear myself say this but, Microsoft's stance is more progressive!
Posted by: Craig Loftus
|
October 29, 2008 11:15 AM
Many of the large players are only OpenID providers. You can use your account with them to sign into other sites. However, obtaining an OpenID isn't the current problem.
You can't sign in with your OpenID on most of the major sites, and when you can, people don't know what it is or what to do. Many people are looking for a password box like they are used to.
The average user is already swarmed with passwords to remember, and when they go to a site like Plaxo and see 5 ways to sign in, they're going to be overwhelmed and go back to the basic username and password they're used to.
The concept of a username and password to sign in is so engrained in everyone's mind that its going to take a lot to make them enter a web address instead. People don't like to spent time learning, they will go back to what they know to get instant access.
Posted by: James | October 29, 2008 11:21 AM
I agree with Craig that this would be important if MS and Google were allowing you to use OpenIDs from other providers to log into their services. Until then, this is more PR than anything.
And James is also right that people are very used to the username/password combination. In fact, I don't think there's a good argument for most people to use OpenID. Single signon? I can reuse the same login/password combination. That's insecure? well, yes, but the publicity we see about ID theft is from companies who lose millions of IDs at once... not one by one theft. Aside from SSO, what's the compelling reason the regular person should care about OpenID? Right... I can't think of one either.
Posted by: rick | October 29, 2008 1:17 PM
This is indeed exciting news for OpenID advocates, and for proponents of the so-called "Open Stack".
I wrote up my thoughts on a number of the commenters' points on my blog (thanks for the link), but I can provide some more specific thoughts (I don't work for Google, FYI).
@Tim: This is something being considered and worked on, and Facebook Connect is certainly an inspiration for a seamless experience here. That said, making it *too* seamless and smoothing out the OpenID speedbump might make people gloss over the importance of deciding whether to grant federated account access. This isn't something as simple as agreeing to a EULA in desktop software where the transaction is constrained to your desktop; instead, when you give access to someone on a remote server, it's hard to take it back. Usability work will certainly help here, but I'd caution against making the flow too transparent.
@Craig: Totally. I think there simply needs to be continued advocacy for the majors to become OpenID relying parties. It's
Posted by: factoryjoe.com
|
October 29, 2008 2:28 PM
Being an OpenID provider and not accepting OpenID is about the most selfish and self promoting crap going on in the web.
Stop writing about this junk until one of these companies decides they will accept OpenID.
This is like the community group that advocates for longer jail terms while also fighting a new jail in their county.
Hypocrisy.
Posted by: Jmartens | October 29, 2008 4:07 PM
@Frederic, @all
i've made two slides up on slideshare that might provide extra food for thought on parts of the Google approach(in my vision).
Open ID/Mobile thinking:
http://www.slideshare.net/Markies/mobile-thinking-mark-de-kock/
Travel with mobile services partly powered by Google entities:
http://www.slideshare.net/Markies/mobile-travel-experience-presentation
Posted by: Mark de Kock | October 29, 2008 6:00 PM
This does not surprise me as it should have happened a long time ago! In time I am sure they will be willing to accept OpenID just not now, sadly enough.
Jesse W.
http://www.subprimeblogger.com
Posted by: Jesse W. | October 29, 2008 6:50 PM
I have an OpenId, I just use it that much.
Posted by: Free xbox 360 System | October 29, 2008 11:02 PM
Im tellin you dude, Google is going to Rule the World one day.
Jiff
www.online-anonymity.kr.tc
Posted by: Justin BEan | October 30, 2008 5:19 AM
interesting,
will try this openid!
Posted by: siim | October 30, 2008 8:05 AM
What a great idea. I can login to
any site with one password.
This is going to help me more easily
do business on the Internet.
thank you from tony
Posted by: ntopics | October 30, 2008 10:00 AM
With Google supporting it, it should take off much faster now. Kudos to Google!
Posted by: free xbox 360 | October 30, 2008 10:05 PM
Except that it looks as if Google, despite its developers' public pronouncements, isn't supporting OpenID at all.
According to NeoSmart, "whatever it is that Google has released support for, it sure as hell isn’t OpenID"
Should be interesting to see how this one develops
Posted by: Kenny the Epiphone Guitar guy | October 31, 2008 3:10 AM
This is a great development for OpenID, and more importantly for the websites and end users that can benefit from faster and easier registrations and logins using existing accounts with Google, Yahoo, AOL, and many other OpenID providers.
JanRain's RPX (http://www.janrain.com/products/rpx) OpenID website enabling service has already integrated and deployed support for Google's OpenID service. You can see a demo at www.velog.com.
You can also see some case studies of successful OpenID deployments with measurable benefits at: http://www.janrain.com/openid/casestudies
Posted by: Brian Kissel | October 31, 2008 10:46 AM
It is Great and I am already using Openid concept. It helps a lot and saves time.
Thanks
Posted by: Accounting Practice Manangement | November 1, 2008 3:09 AM