Open ID

I personally have around a few 100 accounts with almost the same amount of passwords. Because of my creativity in making up new passwords in combination with a memory that can easily forget password within an hour makes me not really happy with the current username/password requirements.

Rather I have one or two accounts that I can reuse all over the internet. That is where Open ID comes in. Open ID is an authentication mechanism that can be shared between different providers. So you can choose the provider where you are storing your main account and link other internet services (even from different companies) to this same account.

This makes Open ID a really good and Open authentication mechanism for internet.

Also a great feature is that Open ID is really easy to implement. We implemented Open ID in .NET by downloading http://www.dotnetopenauth.net/ . It took a little time to exactly get familiar with Open ID however after an hour or so we got a working solution.

Here below an example of our usercontrol that logs a user on with a Google or Yahoo account.

As you can see there are event handlers in dotnetopenauth for handling the login events. Here you can retrieve the open id of the user after he or she has logged on.

There are two possible solutions for using Open ID. You can ask the user to fill in its open id account url. However we do not think user will easily use this option because the open id account url tend to be very long. Option two is to put a button on a site with for instance the text, “click here to login with google”. I think this last option is the best, however you should add multiple buttons for each provider that you would like to support.

A note of critic for open ID providers

Open ID is great, however it still can get better

- Besides authenticating users it is possible the add extra claims. These claims ask providers for specific user information like an email. However I did not get this working for Google and Yahoo. Google should ask the user if they allow our internet service to see his email address however Google doesn’t support this. You simply do not get the email back. This often requires you to ask the email address and or nickname when registering an Open ID account.

My conclusion is that Open ID is really great and very usable for authentication. It made me very happy and I think I am not the only one.

Comments

Popular posts from this blog

System.Net.Http dll version problems

SharePoint Survey Back Button

Azure table storage error: One of the request inputs is not valid