Tag: openid

Identity disorder

More and more sites these days ask you to create an account to access their functionality. Each time you create an account, that’s one more username/password combination to remember because in this age of identity theft, using the same username/password combination across sites is a serious no-no.

Then along comes the idea of open identity portocols. Open identity protocols promise single sign-on across multiple online sites. One identity to log in on them all, as it were.

Now, however, there seems to be a slew of identity protocol sites springing up to which you have to sign up and get logon details! There doesn’t appear to be a dominant player and the open identity sites don’t share information with each other. So we are back once more to having multiple identities (albeit hopefully fewer than before).

I already have signed up to myopenid, Verisign’s PIP and one or two others (whose names escape me already!).

Sigh, here we go again!

Free digital identities from Verisign

If you are not familiar with the notion of a digital identity, I would recommend you take a few minutes to listen to the podcast I did with Drummond Reed over on PodLeaders a couple of months back.

Drummond is the founder and CTO of Seattle-based Cordance and in the podcast, Drummond explained very clearly the thinking behind and the importance of digital identities.

The lack of a digital identity infrastruture is something which has always annoyed me. Why do I have to kep track of a different username and password for every site I create an account on? Why can’t I have a single sign-on which I control, which allows me access to every site?

Well, today VeriSign made the first significant step towards that goal with the launch of their Personal Identity Provider (PIP).

With a (free) PIP from VeriSign, you get a personal uri for your identity (mine is TomRaftery.pip.verisignlabs.com). You submit this address to logon to websites in place of the usual username and password and the sites get only the identity information you chose to share with them from that address. Sweet.

Now all we need is for websites to adopt this standard and I can forget all the usernames and passwords I have to remember currently!

I can see a time in the very near future when I will use the availability of this as the deciding factor in whether or not I use an online application.

As an aside, I wonder how long it will be before there is a WordPress plugin available which will allow bloggers deploy this for commenters on their blogs? Or if WordPress have any plans to build it into the core of the next WordPress release? Matt?