As
David
Lenehan reported today, Digg is the latest company to declare its support
for OpenID - the decentralized single
sign-on service. This follows on from recent announcements of support from Microsoft
and AOL. And
as Techcrunch
noted, Yahoo, LiveJournal, and Wikipedia are some other organizations that
had previously announced their support.
It's clear that OpenID is gathering a good head of steam as the single sign-on mechanism of choice in the web 2.0 world. But let's take a poll on how many people are actually using it right now. Even though OpenID is a great initiative, R/WW's identity guru Jitendra Gupta has pointed out several times that OpenID is not without flaws - particularly in the areas of security and authentication. So many people may be reticent about using OpenID, at least for now. Another issue is that many people use fake identities on the Web or have multiple IDs, particularly those in the younger generation.
Please participate in the poll below and let us know in the comments to this post your thoughts on if/when real users will start utilizing OpenID.
Update: I forgot to mention that Emre Sokullu wrote a great analysis of OpenID for R/WW at the start of 2007. It includes a screencast explaining what OpenID is and how it's used.
TrackBack URL for this entry: http://www.readwriteweb.com/cgi-bin/mt/mt-tb.cgi/1980
Comments
Subscribe to comments for this post OR Subscribe to comments for all Read/WriteWeb posts
And when I say I use it frequently, I mean...I use it wherever it's available to be used. That's not a lot of places, yet, but it's growing. I'm actually looking into implementing it for the comments at my blog. I prefer it, since it means less hassle of username/passwords/site location.
Posted by: Devon Young | February 20, 2007 2:50 PM
I didn't hear about it till like a month or so ago.
How long has it been around?
Posted by: Ali | February 20, 2007 3:12 PM
I really have trouble figuring out how to use it, so no, I don't.
Would you like to put together an OpenID 101 post to explain how to get one?
Posted by: Kevin | February 20, 2007 3:14 PM
Did Wikipedia announce their support? AFAIK there's an OpenID patch available for MediaWiki but Wikipedia itself is still reluctant in OpenID support.
@Kevin, my previous OpenID article had a screencast that can help you: see, http://www.readwriteweb.com/archives/openid_vs_bigco.php
Also check out Wikipedia and google it, this is not a complex idea...
Posted by: Emre Sokullu | February 20, 2007 3:32 PM
I heard about it almost from day one as I was a subscriber to Brad Fitzpatrick's LiveJournal (he does some great work!) .. but still I have little to no interest in OpenID. It's one of those ideas I just don't "get" (yet). I don't see any big deal about having multiple logins, FireFox remembers them all just fine. It kinda feels like a 'cool technology' rather than something that will take off with a sizeable amount of the online populace. Of course, the same could be said for feeds, but I digress :)
Posted by: Peter Cooper | February 20, 2007 3:57 PM
Emre, thanks for reminding me! I've updated the post with a link to your article.
Posted by: Richard MacManus | February 20, 2007 3:59 PM
Hey Peter,
What about when you are not using your own computer? Yeah, I use Firefox's capabilities too... but I think it would be fantastic to not have to worry if my desired user name is taken or not... just one global ID that is guaranteed to be me. Lots of people log on to their Internet services from public computers. This would be even more beneficial to them. Also, there is no large entity controlling all of the user names. The service is fully accessible and free to any company that wants to adopt it.
I think it is a great initiative and I am really exited about it.
Posted by: Jeremy David | February 20, 2007 4:45 PM
While I don't use OpenID myself, there are a number of users on my social network asking for its integration. It seems that many users are now beginning to *expect* Web 2.0 startups to have support for it (just as they did for Firefox). Not surprisingly, we are hoping to port such a system on Shuzak as well.
- Jawad Shuaib
founder, Shuzak.com
Posted by: Jawad Shuaib | February 20, 2007 5:21 PM
"when I say I use it frequently, I mean...I use it wherever it's available to be used." I voted the same way as Devon, for the same reason.
Posted by: Andrew | February 20, 2007 8:20 PM
I use it regularly. whenever I am allowed. The URL I use uses delegation method. Hence My OpenId URL http://www.techmag.biz/thejeshgn is also my profile URL. It serves in two ways.
1. Login with same id/password
2. One profile (URL) where the world can see who I am
3. I am not dependent on any service provider. I can change them when I want.
Posted by: Thejesh GN | February 20, 2007 8:44 PM
I have it (just signed up recently) but as of now, there are not many services that I am looking to use it on.. Until Digg, Yahoo, etc integrate it.. I will not have much use for it.
I am willing to bet Google has an OpenID system coming out using Google Accounts, which would be completely. Awesome. That is just wishful thinking though.
Posted by: Miles | February 20, 2007 9:12 PM
Yeah...I have had an OpenID for a while now but there still aren't that many sites that accept it...I expect those numbers to explode in coming months. Anytime I am able to use it, I am very thankful to the site for the convenience and no added mental work in terms of managing a new username and password :-)
Posted by: Jitendra | February 20, 2007 10:10 PM
I have three OpenID accounts. I'm not certain how OpenID will make my life easier. The industry in general could do a better job of explaing what OpenID means to me. I'm sure I could do some quick research and figure it out, but I'm too busy.
Since I created my OpenID accounts I have not seen any input fields on the Web sites I visit where I can enter my OpenID. For instance, I imagine my Digg, del.icio.us, flickr, and AOL accounts will all have this transition period where I need to link an OpenID to my existing usernames and passwords.
There should be an official 'transition watch' group, where companies are rated on the ease of use in how they implement and burden their users with integrating OpenID into their existing account profiles!
Posted by: Ben Long | February 20, 2007 10:23 PM
I feel that the support for OpenID is terrible now. I have my homepage (http://michal.wikidot.com) delegated to my OpenID identity from http://myopenid.com but from my experience ~50% of the web services that claim support of it fail.
I often experience errors, bugs, "service unrecognized", "response failed" etc.
Waiting for OpenID 2.0
michal
Posted by: Michal Frackowiak | February 21, 2007 12:47 AM
Dear Richard,
OpenID has certainly some appeal, but what about its phishing risks?
It’s undeniably true that OpenID makes life easier to phishers: they no longer have to mimic PayPal or your bank site, but simply build an appealing and innocent website and get you to login using your OpenID. Then, following the protocol, they can discover your OpenID provider and direct you to their fake login page that will look exactly or almost exactly as the original one. You type in your password thinking that you’re safe, but in fact you’re giving out your details to a rogue third party, who now can use it across all of your registered sites and services.
I’ve written more about this issue in
‚ÄúOpenID, before you get too excited‚Ä?.
http://www.clipperz.com/users/marco/blog/2007/01/26/openid_before_you_get_too_excited
What do you think?
Marco
Posted by: Marco Barulli | February 21, 2007 4:15 AM
Yes, I have an account there, but I only use it of Zooonmr ;-).
Posted by: Timo Heuer | February 21, 2007 9:27 AM
Now people can log into my wordpress log with OpenID and in fact, I log into my blog using only OpenID. I suggest you also setup an OpenID based authentication for RWW
Posted by: Krish | February 21, 2007 1:52 PM
We all know that the number of OpenID enabled sites is still pretty limited. To support the growth of the community, we´ve been putting a lot of effort in gathering all available links in The OpenID Directory. Please check the available sites and submit any more you can find!
Posted by: Thomas Huhn | February 22, 2007 2:54 AM
I wish its use was more widespread in the meantime, but personally, in the longrun, I think that FOAF, RDF Etc, will prove to be a better standard for sign-in, once the possibilities of distributed social networking begins to be exploited even to the slightest of its potential.
As for security, I think local apps need to handle that when it comes to things like bank accounts and what not. I can't imagine putting my bank account or paypal in the same realm as my flickr or myspace account, so ultimately I think OpenID may prove to be on the outs before it was really in.
I think there are a lot of apps, services, networks etc that will prove to not need a very high level of security as data can be cached and repairs can simply be made in the event that someone decides to vandalize your online persona.
I imagine the URI, and an individuals own XML (or XHTML) file serving as the go between between apps, so for the most part, most applications only need a URI to verify that you are whom you say you are. Users can see all their recent activity at a glance and know if there's any sort of shinannigins going on. Comments, blogging, media-sharing, reviews, networks and bookmarks are all examples of the types of online public persona fragments that I would trust cooperative web apps to sort out for me using a URI as my identity.
Why would someone claim to be me? And if they do, I can delete that data because I'm in charge of the 'master' (xml or other) file that resides at my URI -the file that is a meta-ization of what I do publicly online -the file that allows apps to share users' avatars, main home pages etc.
That's my little vision.
Am I crazy?
Actually, is what's going on that OpenID is aiming to become a URI system? That's what I don't understand. Why the divide between public persona and login-centric "identity"???
It seems to me that this is like putting the horse on the wrong side of the cart, however that saying goes. I think by focusing on merging users' personas across various applications, we will arrive at a one-stop login scenario. Focusing on security for one-login and all that goes with it seems a little silly. There is really only one of each of us and machine language can express this fact very easily. It's not a user's fault that the many services offered on the web come from so many different sites, each with its own closed proprietary login system.
Feel free to message me on myspace if there's something I'm missing here, or if anyone wants to discuss this with me further.
-Andrew A. Peterson
myspace.com/uncle_andy
Posted by: Andrew A. Peterson | February 23, 2007 6:28 PM
Jeremy,
Good points! This is probably a case of me not seeing farther than the end of my nose as I only ever use my own computers :)
Posted by: Peter Cooper | February 23, 2007 11:37 PM
I implemented OpenID for MediaWiki (http://www.mediawiki.org/wiki/Extension:OpenID) and the implementation is live on my site, Wikitravel, as well as on other MW sites.
I think there's a network effect with SSO solutions. Sites won't implement client support unless there's a clear benefit, and that's only going to happen when more people use OpenID. And users won't bother with OpenID until they can use it on their favorite sites. There's a definite feedback loop: the more users who use it, the more sites want to implement it, and vice versa.
I think what starts the process rolling is first-adopter benefits. There's clearly a publicity benefit from having (or just announcing) support for OpenID right now. Few articles about OpenID don't mention that WT supports the standard, which has been great for my site. And identity zealots have just about unanimously got on the OpenID bandwagon, with LID and i-names either getting absorbed into OpenID or left by the wayside.
In other words: it's probably going to grow like other Web trends grow. It seems unlikely at this point that the genie is going to go back in the bottle.
Posted by: Evan Prodromou | February 25, 2007 11:23 AM