Image of the glider from the Game of Life by John Conway
Skip to content

The OpenID Dillemma

There seems to be a trend, as of recently, for large companies to become OpenID providers, but now allow logging into their service with your OpenID account. The trend I'm noticing, is everyone wants to be a provider, but no one wants to support OpenID logins. Well not "no one", but not the major players. Consider the following major corporations or web sites that are OpenID providers:

  • America Online
  • Orange
  • LiveJournal and Vox
  • WordPress.com
  • Yahoo!
  • Blogger
  • Verisign
  • ... and more

Supposedly, news has hit the front that Microsoft will be supporting OpenID as a provider, and rumors have it that your GMail account can be used as an OpenID identity. But what about logging into these providers with an existing identity? Here's the question posed: Can I login to AOL, or create and AOL account, with an already existing OpenID identity? What about LiveJournal? WordPress? Yahoo!? Blogger? etc.

NOPE.

Like mentioned earlier, the big players are willing to throw their support behind being a provider, but not allowing the creation of new accounts, or signing into existing accounts, with previously setup identities. So, what's the point then? If everyone has an identity to use, but no one can use it, what's the point of creating the identity to begin with? I thought OpenID was all about 1 account and 1 password. Yet, I still have to login to Yahoo! with my Yahoo! account. I still have to login to GMail with my GMail account. And I still have to login to AOL with my already existing AOL account. So, it's a far cry from the single login that OpenID is working so hard to achieve.

My cry to the providers, is if you really want to support OpenID, then allow users access to their account through an already existing OpenID identity. Don't only become a provider, but show 100% support by giving them the ability to login with their OpenID account. I don't want 500 OpenID accounts that I can't use, because my providers won't allow me login access with them.

{ 17 } Comments

  1. bma using Debian IceWeasel 2.0.0.12 on Debian GNU/Linux 64 bits | February 20, 2008 at 10:04 am | Permalink

    You can at least comment on livejournal posts with a non-livejournal openid.

  2. eddie using Firefox 2.0.0.12 on Ubuntu | February 20, 2008 at 10:14 am | Permalink

    I was able to do that with the bugmenot firefox extension. The concept behind OpenID is to be able to log in everywhere using ONE account. Everybody wants to be the host of that account. I find it reasonable. But if the OpenID credentials can't be used, them the whole OpenID is flawed and useless.

    I have accounts for a dozen websites that are OpenID providers. That's annoying because they don't let me login using a foreign OpenID credential. Then what's the point in using OpenID? Just some new buzzword bullshit. A new prank to the newcomers. What a shame.

  3. Wolfger using Firefox 2.0.0.12 on Windows XP | February 20, 2008 at 10:53 am | Permalink

    I have two LJ accounts. One I created a long time ago, and one for my WordPress OpenID. So yes, LJ supports OpenID. I simply haven't tried the others.

  4. Dread Knight using Firefox 2.0.0.12 on Ubuntu | February 20, 2008 at 12:17 pm | Permalink

    //Large greedy companies are free to su** on my big co**.

    I noticed this myself these days. OpenID went straight to the dump yard for me, too bad since it was a good concept.

  5. Dread Knight using Firefox 2.0.0.12 on Ubuntu | February 20, 2008 at 12:18 pm | Permalink

    Anyway, i am sure google will do lots of good with gmail. I bet my money on google.

  6. Sam Hasler using Firefox 2.0.0.12 on Windows Vista | February 20, 2008 at 12:24 pm | Permalink

    Who cares about the big players, it's the long tail of consumer sites where OpenID will be really useful.

    I've got accounts for most the bigger sites anyway and since I use them frequently it's not a burden to remember my username/password for them. It's the long tail of little sites that lots of people may check out but can't be bothered to create an account for, or forget their login details when the revisit two months since they last used it that will get the most benefit from consuming OpenIDs.

  7. Artūras B. using Firefox 2.0.0.12 on Ubuntu | February 20, 2008 at 1:13 pm | Permalink

    My two cents to this discussion:
    I think big companies just found a good (open and free) solution that siutes their SSO needs - for the whole portfolio of their services. And this is pitty...
    I think that the OpenID license should include some additional terms for public OpenID providers - they must not only provide OpenIDs but also accept external ones for logins. That would mean full (consumer plus provider) OpenID support for public OpenID services.

  8. Dax Kelson using Firefox 2.0.0.12 on Fedora 64 bits | February 20, 2008 at 4:02 pm | Permalink

    "What about LiveJournal? WordPress? Yahoo!? Blogger? etc. NOPE."

    Sorry. Two of your 4 "NOPE" examples are actually "YUP". LiveJournal and Blogger let you leave comments with OpenID authentication.

  9. Aaron using Firefox 2.0.0.12 on Ubuntu 64 bits | February 20, 2008 at 4:04 pm | Permalink

    @Dax Kelson- Partial YUP. I can only use my OpenID URL to comment, not to create a LiveJournal or Blogger account, or use an existing OpenID to authenticate for logging into those accounts. As far as I'm concerned, it's not good enough. Leaving comments on peoples blogs with your OpenID is different than logging into that account with OpenID.

  10. Dmitri using Safari 523.15 on Mac OS | February 20, 2008 at 10:50 pm | Permalink

    I think you have a typo: "large companies to become OpenID providers, but now allow logging into their service with your OpenID account", you probably mean "not allow" rather then "now".

    I totally agree with your article tho, it's stupid to provide IDs but not accept them for creating accounts.

  11. Louise using Firefox 2.0.0.12 on Windows Vista | February 21, 2008 at 4:47 am | Permalink

    OpenID is a great idea. Can’t wait to see it accepted by everyone. In the meantime, while waiting for wider acceptance, password managers are a great alternative. So basically you store all non-OpenID logins in one place.
    Something to consider while waiting for OpenID to go global!

    I work at PassPack, an online password manager. You may want to have a look:

    http://passpack.com/info/home/

    Louise

  12. Daniel using Firefox 2.0.0.12 on Windows XP | February 21, 2008 at 5:51 am | Permalink

    I second this. There need to be more OpenID consumer enabled sites.
    I often find myself skipping registration on a site, which does not support OpenID yet.

    A directory of OpenID enabled sites is available at https://www.myopenid.com/directory

  13. Gary W. Longsine using Safari 523.15 on Mac OS | February 21, 2008 at 10:03 am | Permalink

    The Djinni is probably out of the bottle now, but this seems like a problem that might have been addressable with the proper type of license from the outset. It could have been specified that use of the "OpenID" name requires acceptance of OpenID credentials from elsewhere, for example. As with so many problems like this, how to put the Djinni back in the bottle isn't immediately apparent.

    /gary

  14. Ori Avtalion using Minefield 3.0b4pre on GNU/Linux 64 bits | February 23, 2008 at 4:23 am | Permalink

    Hmm.. Wasn't there an OpenID login on this site? :)

    I apologize in advance for this horribly long comment.

    The reason why so many websites are becoming providers is because it's relatively easy:
    Just hook the authentication server into your already-existing cross-site login system, and add a meta tag at the top of the user's personal page.

    ("Cross-site login system" may not be the correct term, but I'm referring to the service that TypeKey, Yahoo, Google, MS Passport etc. offer which allows you to integrate their authentication mechanisms on your personal website's login page -- basically the proprietary alternative for OpenID)

    Becoming a Consumer is much harder. You have to create new tables in the database that link OpenID accounts to your exiting user accounts, and figure out how ito integrate it with your existing interface which would allow the common non-techy user to discover/ignore OpenID if he/she pleases to.

    In the recent OpenID DevCamp, an effort was started to provide recommended methods of interface integration, with the help of UI experts. (I may not have all the details straight, but it's one of the goals).
    Once this is done, I expect big-time consumers to appear in a slightly faster rate.

    Until that happens, almost any web-user will have at least one OpenID account through a popular website which is a Good Thing. Consumers will be able to implement "smart" login forms with "login with " fields instead of "login with OpenID".

    Then the only problem would be to teach the users that they were really using OpenID ;)

  15. paul using Firefox 2.0.0.16 on Windows XP | August 9, 2008 at 10:14 am | Permalink

    Stop crying and read up on the trust model of OpenID (or better: the lack thereof). Why on earth should the website you're trying to login trust some random OpenID provider?

  16. Anthony Picciano using Safari 525.27.1 on Mac OS | January 15, 2009 at 12:25 pm | Permalink

    The dilemma is that OpenID is based on trust. You cannot force a provider to trust any OpenID -- there's no trust there.

    I agree that in its present condition OpenID is broken and almost useless.

  17. Frederique using Safari 525.27.1 on Mac OS | April 21, 2009 at 2:21 am | Permalink

    I really do think that OpenID is the future. The previous months a lot of big player finnaly supported OpenID loggin. But I agree it's still a bit of a way to go...

Post a Comment

Your email is never published nor shared.

Switch to our mobile site