If you've not heard about OpenID, it's an interesting new technology on the web. Given all of the different websites and logins/passwords that one needs to remember these days, this technology could be either a blessing or a curse.
On the bright side is the fact that you store your encrypted login and password on your server and anytime you login anywhere, it authenticates back to your server. On the negative side is what's known as a ‘single point of failure'. If someone can authenticate using your login and password, then they could have access to any system that you have access to via OpenID.
Here's a short presentation on OpenID:
The more I learn about OpenID, the more optimistic I am. At first I was really suspect, but having configured it and seeing how to use it, I think it's a great technology. AOL, Microsoft and SixApart are a few of the latest folks to support OpenID, it appears to be taking on steam.
One of the great things about OpenID is that you can host it right on your own server. I've configured phpMyID tonight in a few minutes and it tested and worked great. I chose the easiest option for Single User configuration so I only had to do a few things:
- Make a new directory on my server and install the files. I chose /OpenID/
- I added redirectors to my WordPress header file that redirects any OpenID requests
- I had to configure my password by encrypting my login, realm (this is phpMyID), and password. To do this, I popped a PHP file up on the server with the following code:
- I copied that encrypted string into the configuration for the ID file and I was up and running!
- To test, I simply had to login using a simple URL
- I then logged out
That was it! My OpenID address is now http://martech.zone and it will authenticate the Login and Password that I chose.
One other nice feature that folks haven't spoke about is use of default information that authenticated applications can access. You can make your name, birthdate, timezone, gender and other information available for use. I love that idea! Less forms to fill out.
There's quite a lot of news on the blogosphere on OpenID, I'd advise you to read more before you make your decision:
If nothing else, OpenID is a simple authentication scheme that, if adopted, should really simplify authentication on most websites. I hope it really explodes though I won't be accessing my bank account with it anytime soon (nor would I want to). If you want to climb on the OpenID bandwagon, I would do it quickly so that you can get some of the initial press that goes with it.