The Non-Scary Way of Learning About OpenID

By Lachlan Hardy
1506h Thursday, 20 December 2007 Permalink

I hear lots of paranoid mutterings about OpenID from geeky folks. I get that. They’re still hurting from the fiasco formerly known as Passport. It’s understandble, but it’s time to let it go.

People have valid concerns about any scheme purporting to represent their identity (or identities, given we’re talking about the web). It’s hard to get to the bottom of those with OpenID, because, as has been raised on the mailing lists, it’s very obscure niche topic with bugger all in the way of plain language explanations. It takes too long to get into it and understand it, and not everybody has that time. This is for those who are willing to trust that I took the time.

The next five points are for all my geeky friends who can’t be stuffed delving into esoterica:

OpenID is good for you.

You can stop using usernames and passwords for every site that supports it .

OpenID saves you stress

You don’t have remember which of the 3 different passwords you’ve used since high school is the right one for this site. You don’t have remember which of your 47 different usernames you gave it.

OpenID saves you time

You don’t have to trawl your browser password storage to find the right one when you haven’t visited the site since you last cleared your cookies.

OpenID is safe

Hardcore security freaks can go read the specs , get involved in the community and determine this for themselves, but for the rest of us, it’s enough to know that a bunch of very smart hardcore security freaks have already done this.

The defence rests

There you have it, folks, the completely non-scientific (and non-scary) explanation of OpenID. No grand justifications. No confusing diagrams.

What now?

Just 3 simple things to do:

  1. Go get one today; I recommend ClaimID because those guys are fucking smart , but lots of people like myOpenId too;
  2. Make sure you delegate your OpenID to your own site using Tim Lucas’s handy instructions so you have control of your identity; and
  3. Tell your all friends - if you want the revolution, you’d better start lighting fires.

Party on, people. The fight isn’t over yet.


There are 4 comments on this post.

Dr Nic
1658h Thursday, 20 December 2007 Permalink

A wise man once said “If they blog comments doth not support OpenID, thou shalt ne’er discuss OpenID”.

Scott G
0836h Friday, 21 December 2007 Permalink

What about non-geek types? It all sounds pretty complicated for the standard web user.

Is this the case? … and how will that impact the mainstream adoption of OpenID?

Lachlan Hardy
1109h Friday, 21 December 2007 Permalink

@Nic Fair call. People have been asking for it in SimpleLog for nearly a year, but no dice. I got cracking this morning, so we’ll see how long that takes me ;)

@Scott The user experience is OpenID’s single biggest issue. It shouldn’t be as hard as it is.

I reckon it’s mostly due to complexity. For folks to be convinced that it is a good idea, they want to know some things about it and explanations get complicated very very quickly. In terms of actually just using it, it’s easy. The problem is convincing folks to use it.

I think myVidoop’s video explanation is one of the best, but it still gets way too jargonistic after a while: OpenID according to Dave.

Ben Buchanan
1608h Saturday, 29 December 2007 Permalink

I’ve poked about looking for an answer to this one but so far nothing definitive… are there any issues delegating more than one URL back to a single openid?

Obviously each extra URL is one more site to “keep safe” but otherwise it seems ok to me; but then I don’t know if openid servers will chuck a wobbly if more than one site gets delegated.


New comments are no longer enabled on this site.