Everybody knows the problem. You are registering for the latest service on the web and you have to give them a username and a password. Signing up for new accounts is a pain. Everybody also knows that you shouldn't use the same account information on more than one site. The reason is simple: if anybody cracks your account, you will be compromised everywhere. But there are so many services on the web. I guess nobody is capable of memorizing so many different usernames and passwords. Are you?
One solution to the general problem of identity management on the web is OpenID. OpenID is a decentralized mechanism for single sign-on. To use OpenID-enabled sites, you do not need to remember traditional authentication tokens such as a username and password. Instead, you only need to be registered on a website with an OpenID 'identity provider' (also referred to as an 'i-broker'). Since OpenID is decentralized, any website can employ OpenID software as a way for users to sign in. The website will then redirect you to your OpenID provider to log in using whatever credentials it requires. Once you are authenticated, your OpenID provider will send you back to the website with the necessary credentials to log you in. OpenID also offers strong authentication mechanisms such as Diffie-Hellman key exchange, which can be used for all types of transactions, extending both the use of pure single sign-on and the sensitivity of the data shared.
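To make the redirect-and-return step concrete, here is an added example (not from the original post or any OpenID library) of how the website and the provider agree on a MAC key via Diffie-Hellman and how the website then checks the signed response, following the DH-SHA256 association and HMAC-SHA256 signature defined in OpenID Authentication 2.0. The small DH group, the example URLs and the use of raw bytes instead of base64 on the wire are assumptions made for the demo.

```python
import hashlib, hmac, secrets

# Toy DH group for the demo (assumption): Mersenne prime 2**127 - 1, generator 2.
# Real associations use the far larger default modulus given in the spec.
P, G = 2**127 - 1, 2

def btwoc(n):
    """Big-endian two's complement of a non-negative int, as the spec's btwoc()."""
    return n.to_bytes(n.bit_length() // 8 + 1, "big")

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def provider_associate(rp_public):
    """Provider: choose a MAC key, send it masked with SHA-256 of the DH secret."""
    op_priv, op_pub = dh_keypair()
    mac_key = secrets.token_bytes(32)
    mask = hashlib.sha256(btwoc(pow(rp_public, op_priv, P))).digest()
    return mac_key, {"dh_server_public": op_pub, "enc_mac_key": xor(mask, mac_key)}

def rp_recover_mac_key(rp_priv, resp):
    """Website (relying party): derive the same mask and unmask the MAC key."""
    mask = hashlib.sha256(btwoc(pow(resp["dh_server_public"], rp_priv, P))).digest()
    return xor(mask, resp["enc_mac_key"])

def sign(mac_key, fields):
    """HMAC-SHA256 over the 'key:value\\n' form of the fields listed in openid.signed."""
    kv = "".join(f"{k}:{fields['openid.' + k]}\n" for k in fields["openid.signed"].split(","))
    return hmac.new(mac_key, kv.encode(), hashlib.sha256).digest()

def verify(mac_key, fields, sig):
    return hmac.compare_digest(sign(mac_key, fields), sig)

def demo():
    rp_priv, rp_pub = dh_keypair()                 # website starts the association
    op_mac, resp = provider_associate(rp_pub)      # provider answers
    rp_mac = rp_recover_mac_key(rp_priv, resp)
    assertion = {                                  # constructed sample values
        "openid.mode": "id_res",
        "openid.claimed_id": "https://alice.example/",
        "openid.return_to": "https://shop.example/openid/return",
        "openid.response_nonce": "2024-01-01T00:00:00Zabc123",
        "openid.signed": "mode,claimed_id,return_to,response_nonce",
    }
    sig = sign(op_mac, assertion)                  # provider signs; the browser carries it back
    altered = dict(assertion, **{"openid.claimed_id": "https://bob.example/"})
    return rp_mac == op_mac, verify(rp_mac, assertion, sig), verify(rp_mac, altered, sig)
```

`demo()` returns `(True, True, False)`: both sides hold the same MAC key, the untouched response verifies, and a response whose `claimed_id` was changed in transit is rejected.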
There is a nice presentation by Simon Wilson at SlideShare, entitled 'Building the Social Web with OpenID', that provides a good starting point for OpenID.
[via Semantic Bits]