Last year, I signed up to get an OpenID.
I didn’t fully understand what it could do but I did believe that it would become more important, not to mention useful, to have a means by which you could identify yourself with a trusted common ID on websites where normally you’d have to separately register each time with a user name and password.
I did understand the de-centralized aspect of it all where you’d choose from a selection of organizations who offer OpenID services.
I went with VeriSign’s Personal Identity Provider. Why VeriSign and not one of the other providers? Mainly because I knew of VeriSign and associate them in my mind as a trusted company in the broad area of security online.
Anyway, I’ve had my PIP OpenID identity for some while, but I’ve never actually used it.
And that’s because I still don’t really understand how to.
OpenID is a decentralized single sign-on system. Using OpenID-enabled sites, web users do not need to remember traditional authentication tokens such as username and password. Instead, they only need to be previously registered on a website with an OpenID “identity provider”, sometimes called an I-broker. Since OpenID is decentralized, any website can employ OpenID software as a way for users to sign in; OpenID solves the problem without relying on any centralized website to confirm digital identity.
Yesterday, I received an email from PIP telling me of a range of improvements to the service.
- Support for OpenID 1.1 and 2.0
- Ability to create multiple identities managed from within a single user account
- New “tag based” profile data management interface making it easier to view and sort all of your profile data
- Ability to download managed Information Cards for each of your created identities to use with technology such as Microsoft’s Cardspace
- Strong authentication support via second-factor credentials from the VeriSign Identity Protection network (PayPal tokens can now be used on the PiP), along with the ability to have a one-time PIN sent via SMS or email if you’ve forgotten your credentials
Yes, well, that’s all great, and indicates advances in further developing the trusted aspects of this service, but I still don’t feel incentivized to go out and use my OpenID anywhere.
For one thing, I hardly see any websites or blogs that employ OpenID. And that’s when I actually visit websites and blogs, which I don’t do that much because I’m an RSS creator-consumer.
Mind you, one new feature from PIP which looks very interesting is the Seatbelt, a Firefox extension that lets you manage all your OpenID sign-ons without going to the PIP site all the time. Things like this start making it all easier to understand.
And on that point about understanding, I was beginning to think it’s just me with this difficulty. Then I found Jan Miksovsky’s terrific post in which he starts out with this:
[…] [OpenID] sounds great, but in practice I found the whole process bewildering. In my opinion, itâ€™s not ready for consumer use.
Absolutely right. It seems to me that OpenID is still a very early-adoption technology, the domain of serious geeks and tech enthusiasts.
Well, I’m as enthusiastic as the next geek but I just don’t really get OpenID yet.
Maybe it’s by using tools like Seatbelt and paying attention to people like Jan Miksovsky that will bring some enlightenment.