Question about OpenID
Falling into the category of “you’re smarter than me,” I have a question for those of you who know anything/much/lots about OpenID. As you can see in the illustration, I’ve chosen to use the Wordpress.com installation of OpenID. I tied it to my Wordpress.com account and have so far used it in only two places. I’m thinking that every time I offer up an OpenID, I’ll point to that one. So far so good, right? ( To get up to speed on OpenID, go here).
What happens if Wordpress.com folds? What happens if they change their mind and start charging me, or I leave them for someone else, or whatever? By choosing Wordpress.com (or Yahoo.com, or anyone.com) as my OpenID host/provider/whatever you call it, what happens to my ID should I choose to move it?
What do you know/think?
If you enjoyed this post, please consider leaving a comment or subscribing to the feed to receive future articles delivered to your feed reader.
Comments
Unfortunately, if WordPress.com as a domain folded or if they started charging and you didn’t want to pay, you would lose your OpenID. Even if that didn’t happen and you moved your domain over to WordPress.com your old ID of username.wordpress.com would cease to exist and your username.wordpress.com OpenID would disappear right along side of it.
Fortunately, there are things you can do to help ensure longevity of your OpenID. The whole purpose to OpenID is to provide a decentralized system and ensure data portability. You can install a bit of code into your own homepage that points at your OpenID provider of choice thereby allowing you to use your own domain name/blog name as your OpenID account and should your provider cease to exist, you domain name won’t necessarily (or at least you have control over that) and can just change the code at will to a new provider.
Simon Willson wrote a great howto so rather than repeat it or reinvent the wheel, here’s the link to it: http://simonwillison.net/2006/Dec/19/openid/
Good luck and welcome to OpenID! :)
Just like Coop suggested, I have set up my domain to redirect to MyOpenId as my OpenID provider.
If MyOpenID folds, I just have to change the tags in my blog’s header and redirect to another Open ID provider.
So as long as I keep paying for my domain, I’ll never have to worry about losing my OpenId identity.
Thanks for asking that question Chris, I’ve been concerned about it as well and thanks coop for the input.
I was just looking at a new company that has a interesting twist on OPEN ID. Have you heard about Vidoop? They have a “software-only, multi-factor user login technology based on categorized images. When a user enrolls, he chooses image categories from a bank of possible image content (such as airplanes, cars, or keys). This constitutes the shared secret. Then, upon proof of receipt of an access code transmitted out-of-band by e-mail or phone, the user’s computer is activated with a software token”. You might want to check it out.
Chris, I was going to post a comment regarding hosting your own OpenID but seems like I’m late to the party! Take Care!
[…] chrisbrogan wrote an interesting post today on Question about OpenIDHere’s a quick excerptOpenID Falling into the category of “you’re smarter than me,” I have a question for those of you who know anything/much/lots about OpenID. As you can see in the illustration, I’ve chosen to use the Wordpress.com installation of OpenID. … […]
Also, I believe you can consolidate OpenID’s, at least this option is offered by my OpenID provider - ClaimID.
If at some future point you no longer wanted to use your WordPress based OpenID you could merge in under a new/different one using this approach.
As others of said, you can add your provider inside the tag of your blog and then use your blog URL as your openid URL. That way if the provider disappears its no problem to change provider.
This site shows how to do this well:
Thanks much for information given in comments. I have been thinking of the same question before and now I know more of what could be done to improve things.
I get to be the dunce of the class and say that I was getting all pumped about OpenId just the other day but THEN I went to set things up and all I got was confused.
Seriously, if OpenId is supposed to be something simple, it is not - it is, in fact, the opposite. There are so many places to set up an ID, it is quite confounding.
I finally settled on this service:
http://iocchelli.myopenid.com/
But, BUT, I am still confused. Is it the right one? What happens if IT goes under?
And I also have a WordPress account and know that it can act as my OpenId but what the HECK does THAT mean.
I need some serious help.
Just stick the pointy hat on my head and start snickering. I can take it. :)
Hi Chris - looks like I’m also way late to mention using your blog as your OpenID - but hey, great minds right…
I forget where I found out how to do it, but yes it’s really just a couple of tags in the blog and selecting a provider. I use Verisign’s PIP which is in beta (https://pip.verisignlabs.com/) not sure if it’ll end up being a pay-for service, but has worked great so far.
Regards,
Rick
I am my own OpenID provider on a couple of my domains thanks to phpMyId (http://siege.org/projects/phpMyID). It only hosts a single user (fine for me), and was reasonably easy to setup.
If you host your own site then there’s no reason to rely on a third party for your OpenID.
Hey Mark (http://completerunning.com/)
if hosting your own OpenID provider is a bit over the top for your needs, then I really recommend taking a look at ClaimID.
Aside from providing a very good way of consolidating (and verifying) your online identity, they also off one of the simplest OpenID processes I have seen. See - http://claimid.com/openid
I just wanted to cosign Jonathon’s recommendation of ClaimID.
It’s super simple, the identity management features are awesome (it helped me get on Google’s radar as there is a very well known graphic designer with my name), and it supports adding multiple OpenIDs to your ClaimID account.
I’ll belatedly hop on the ClaimID bandwagon as well - I’d looked in to OpenID before, and got confused as soon as I got into the delegation-stuff. ClaimID’s explanation for how to set up delegation is easy, straightforward and they have the added bonus of letting you aggregate OpenID providers.
I use my domain as my openID i signed up to https://www.myopenid.com/ and slapped
in my website head tag
[…] News - Builder AU wrote an interesting post today on [from alexbarn] Question about OpenIDHere’s a quick excerptAnswers in comments. bookmark this on del.icio.us - posted by alexbarn to OpenID and saved by others… […]
I also use my blog as my OpenID URL tied to my Wordpress.com account. If anything happens to Wordpress.com, it’s easy to switch to another provider simply by changing 2 lines of code in my blog’s HTML. I’ve already done that once, as a matter of fact, since I started out with a different OpenID provider. I settled on Wordpress.com as my OpenID provider since it’s a site I log into every day anyway, one less site to bookmark and one less username/password to remember.
You should also enable OpenID for commenting - there is a WP-OpenID plugin, which I use, but I don’t know if you can run in on the hosted wordpress.com edition.
I know I’m awfully late to this party, but this single sign-on concept is one I had been considering for some time, from a developer’s point of view, and I only recently came across openId.
I like this question, and it occurs to me that it might be good for sites that accept open id to provide some means for associating an alternate open id with an account in case one disappears.
I haven’t looked at all the specs for openid yet, so I apologize if my comment seems a bit uninformed.
If you want to use multiple OpenID providers, set up your Blog as your URI using YADIS to designate priorities to your different providers: http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers
Of course, if you are afraid of leaving your OpenID in the hands of a provider who could disappear at any moment, you can host your own identity server: http://wiki.openid.net/Run_your_own_identity_server
Hope these help!