To say that online identity authentication has become a mess is like saying that global warming is a small spec in our distant future. With the slew of online services such as online banking, bill payment, photo sharing, and the tens of thousands of other password protected services that we use everyday; one person can have literally fifteen different logins at various sites all over the web.
While temporary solutions have sprung up all over the place in the form of software that stores your usernames & passwords, there’s still been a great need for a simplified, real world solution. That’s why some very smart folks got together and created an open, free framework for online identity, called OpenID.
The central idea behind OpenID is actually an idea borrowed from the web – what better place to look for a solution? Just as each website online has its own identifying address called a URL, with OpenID, so does each visitor to a site. A unique identifier called a URI (Uniform Resource Identifier) is assigned to you by your OpenID Provider. To login to an OpenID-enabled website (even one you’ve never been to before), just type your OpenID URI. The website will then redirect you to your OpenID Provider to login using whatever credentials it requires. Once authenticated, your OpenID provider will send you back to the website with the necessary credentials to log you in.
At the end of the day, not only does this strengthen & simplify the sign-on process of secure sites, but it also allows the user to specify exactly what personal information should be shared by their identity provider. While it has taken some time for the movement to get under way, it has recently gotten a jolt from the likes of Microsoft, AOL, Yahoo & Wikipedia, who announced that they would be supporting the open standard.
Max Zabramny