In the last weeks I stumbled about the technology named openID quite a few time. Today I decided to inform myself what this is about.
Our beloved wikipedia says on openID
OpenID is a decentralized single sign-on system. Using OpenID-enabled sites, web users do not need to remember traditional authentication tokens such as username and password. Instead, they only need to be previously registered on a website with an OpenID “identity provider”, sometimes called an i-broker. Since OpenID is decentralized, any website can employ OpenID software as a way for users to sign in; OpenID solves the problem without relying on any centralized website to confirm digital identity.
This sounds great… not having to remember dozens of passwords (given the case you DON’T use one password over and over again… *g*).
A more detailed description about openID can give you this google video
After seeing this.. You will probably say: Where can I get my openID and why doesn’t my $favorite website support openID…
There are a lot of criticism against openID. I found this article on The identity corner quite comprehensive.
It summarizes the flaws which are in the openID system.. Or better said: The problems they see…
Beyond this [Comment: the single sign on feature], OpenID is pretty much useless. The reasons for this are many: OpenID is highly vulnerable to phishing and other attacks, creates insurmountable privacy problems, is not a trust system, suffers from usability problems, and makes it unappealing to become an OpenID “consumer.” Many smart people have already elaborated on these problems in various forums. In the rest of this post I will be quoting from and pointing to their critiques.
So.. maybe now you want an answer from me about kittens die when you are using openID or openID as a savor of the world.
Honestly.. I can’t do this. I’m not that of an expert in security and so it’s difficult to approve or disapprove the critiques.
But WHAT important is… You know now what the system is all about and have a starting point to get more information.. If you want too.
I’ll keep my eyes open for information about the development of openID…