transcend

The future of login

Tired of registering for new sites, and keeping track of all those user names and passwords. Well, with big players like AOL and Microsoft moving towards supporting OpenID, those days took one step closer to being over.

What is OpenID?

OpenID is an open, decentralized, free framework for user-centric digital identity.

OpenID starts with the concept that anyone can identify themselves on the Internet the same way websites do-with a URI (also called a URL or web address). Since URIs are at the very core of Web architecture, they provide a solid foundation for user-centric identity.

The first piece of the OpenID framework is authentication - how you prove ownership of a URI. Today, websites require usernames and passwords to login, which means that many people use the same password everywhere. With OpenID Authentication, your username is your URI, and your password (or other credentials) stays safely stored on your OpenID Provider (which you can run yourself, or use a third-party identity provider).

To login to an OpenID-enabled website (even one you've never been to before), just type your OpenID URI. The website will then redirect you to your OpenID Provider to login using whatever credentials it requires. Once authenticated, your OpenID provider will send you back to the website with the necessary credentials to log you in. By using Strong Authentication where needed, the OpenID Framework can be used for all types of transactions, both extending the use of pure single-sign-on as well as the sensitivity of data shared.

OpenID is increasingly gaining adoption among large sites, with organizations like AOL both acting as a provider as well as Wikipedia announcing that they will support OpenID. In addition, integrated OpenID support has been made a mandatory priority in Firefox 3 and Microsoft is working on implementing OpenID 2.0 in Windows Vista.