Comments on: OpenID: Is it Time to Care Yet? http://gigaom.com/collaboration/openid-is-it-time-to-care-yet/ Fri, 25 May 2012 12:36:26 +0000 hourly 1 http://wordpress.com/ By: alex http://gigaom.com/collaboration/openid-is-it-time-to-care-yet/#comment-67999 Wed, 13 Feb 2008 00:24:11 +0000 http://webworkerdaily.com/2008/01/18/openid-is-it-time-to-care-yet/#comment-67999 @Peter many (if not most users) are already using the same user name passord combination on all their sites. Which means they are only as secure as the weakest link. And there may be some black sheep among those site owners, too.

Secondly you can use a proxy url (like you own domain) and map it onto any openID provider. So in case your provider is compromised or unavailable you can switch easily an quickly to another one – and that will also switch all the services you are using.

]]> By: Peter http://gigaom.com/collaboration/openid-is-it-time-to-care-yet/#comment-67998 Sat, 19 Jan 2008 02:12:29 +0000 http://webworkerdaily.com/2008/01/18/openid-is-it-time-to-care-yet/#comment-67998 My concern over OpenID is that it is effectively the same as using the same logon and password at every site. If my OpenID is ever compromised (by whatever method you want to imagine) EVERY account linked to it is compromised.

Sure having multiple logons and passwords is more complex, but if one is compromised, none of the other accounts are effected.

Two factor systems can help, but I still see this as an inherent security flaw in OpenID.

]]> By: Aaron B. Hockley http://gigaom.com/collaboration/openid-is-it-time-to-care-yet/#comment-67997 Fri, 18 Jan 2008 21:33:22 +0000 http://webworkerdaily.com/2008/01/18/openid-is-it-time-to-care-yet/#comment-67997 Chris, thanks for the response on comment feeds. It’d be nice to have a link on the page somewhere so it’s easier to subscribe, but good catch that it can be done manually as you describe. I should’ve known that myself.

]]> By: Aswath http://gigaom.com/collaboration/openid-is-it-time-to-care-yet/#comment-67996 Fri, 18 Jan 2008 21:01:20 +0000 http://webworkerdaily.com/2008/01/18/openid-is-it-time-to-care-yet/#comment-67996 I think the problem is the marketing of OpenID. Contrary to the widespread perception that the benefit of OpenID is SSO, OpenID will be used by those application providers who benefit from outsourcing the authentication procedure. An immediate example will be age verification, as many SNs will be forced to do after the recent MySpace agreement with the attorneys general.

]]> By: Chris http://gigaom.com/collaboration/openid-is-it-time-to-care-yet/#comment-67995 Fri, 18 Jan 2008 20:47:02 +0000 http://webworkerdaily.com/2008/01/18/openid-is-it-time-to-care-yet/#comment-67995 … I forgot to mention: That’s a WordPress convention, it won’t work for every blog out there!

]]> By: Chris http://gigaom.com/collaboration/openid-is-it-time-to-care-yet/#comment-67994 Fri, 18 Jan 2008 20:46:27 +0000 http://webworkerdaily.com/2008/01/18/openid-is-it-time-to-care-yet/#comment-67994 Good news on the comment feeds. Since this site is using pretty permalinks, just take “/feed” on the end of any article for a comment feed link.

http://webworkerdaily.com/2008/01/18/openid-is-it-time-to-care-yet/feed
is the feed for this article. :-)

]]> By: Aaron B. Hockley http://gigaom.com/collaboration/openid-is-it-time-to-care-yet/#comment-67993 Fri, 18 Jan 2008 19:31:30 +0000 http://webworkerdaily.com/2008/01/18/openid-is-it-time-to-care-yet/#comment-67993 Another comment-related request: comment feeds please :)

]]> By: Aaron B. Hockley http://gigaom.com/collaboration/openid-is-it-time-to-care-yet/#comment-67992 Fri, 18 Jan 2008 19:30:31 +0000 http://webworkerdaily.com/2008/01/18/openid-is-it-time-to-care-yet/#comment-67992 There are some good WordPress OpenID plugins. It would be nice if WWD had one to allow OpenID comment authentication.

]]>