open ID, good and bad
January 17th, 2008 | by geo |I just signed up for an openID via VeriSign, mainly because I have about 50 accounts across different internet sites and I’d love to be able to login with using a single username/password. Open ID lets you do this.
Microsoft tried this concept with Passport years ago…but for whatever reason it never took off. Anyway, I like the concept and the simplicity, and the fact that I can login to OpenID sites with one URL (not even a username password combo). Very convenient!
However, I don’t understand that when signing up for my ID I only had to input my name, email and password. I mean, not really an “ID” is it? Especially by VeriSign standards. It would be nice if they created a REAL ID that included some additional personal credentials..maybe an address? phone #? I mean…something else. Anybody can make an Open ID….that’s not smart.
I’d like to be able to use my ID to buy on Amazon, eBay, iTunes, and all of the e-commerce sites too. Guess that’s not happening anytime soon. (hint: great new feature for you Open Id guys!)
Second criticism, it’s a URL login, and it follows a standard format. Doesn’t seem to “hacker safe” to me….I mean, people can guess this stuff right? It’s not rocket science. Maybe I’m missing a few extra “behind the scenes” security measures they’ve taken, but it’s not very secure. They do ask you for your open ID username and passwrod when logging in from a new machine, so I guess that’s ok security, but if someone hops on your machine and a makes a lucky guess at your “standard formatted ID URL” – they could have access to ALL of your sites in one swipe – heads up 
THE TAKE HOME HERE: I’d recommend Open ID for basic services that you use online (as they become Open ID compliant), but anything you view as “highly confidential” I’d stay away from Open ID…at least until they enhance the security measures. I don’t think these types of sites will sign up in the near term anyway – so sign and use Open ID.
Sphere: Related ContentNo related posts.
