You most likely have seen an option to comment in a blog post, social networking services or other Internet service by using an OpenID login system instead of creating a user account for a particular website or blog before a comment is allowed. OpenID lets you interact or use Internet services that support OpenID as authentication of digital identity or existing user accounts from OpenID providers, without the need for creating another user profile.
OpenID simplifies the process for Internet users because the OpenID login system helps reduce to creating many user accounts. It will benefit people that only plan to comment or interact on a particular topic, but are not interested in using the service by a website. This means, if you have an account from the list of OpenID providers in this article, you can use it to login to any website or service that uses the OpenID login system.
List of OpenID Providers and How it Works?
Some of the providers of OpenID are as follows:
- Microsoft (Hotmail or Windows Live ID accounts, also known as Passport)
How OpenID login system works?
The image at the left is an example how the OpenID login system can work with Internet services that support OpenID login system. In the hpHosts Blog hosted in Google’s Blogger.com service, there is an option to comment using OpenID. It means you don’t need to create a Google account before you can add a comment. All you need to do is enter the email address or username that you may already have which supports the OpenID login system.
When you enter a username or email address from a service that supports the OpenID login system, another browser is opened to verify or check the information with the provider. It will only check whether the account exists. Next, OpenID will verify whether you want to share your information such as your name and e-mail address or location. Finally, you will be able to add a comment or use the service that supports the OpenID system.
Issues in Using OpenID
Like any Internet service that can associate personal information, OpenID have issues, concerns and benefits. The only advantage that I can see in using an OpenID login system is to reduce the creation or maintenance of usernames, passwords or online accounts.
The concerns pertaining to OpenID all about phishing attacks, trust and privacy. And I wonder, what if a hacked Gmail, Yahoo, Hotmail or Windows Live ID is being used by hackers to login to websites using the OpenID login system as "you"? There is no way for OpenID providers and OpenID itself to find out whether the account is one of the hacked accounts because it will only provide an answer to the OpenID authentication system, whether the account really exists in their database. And when it successfully checked that the account exists, the information is presented to the hacker which has the option to edit what information is to be displayed e.g. your first and last names, and e-mail address.
Allowing a site or service to share your login credentials or even an email address is a big privacy concern already to many privacy conscious users, so only use the service of OpenID when you trust that your account is not hacked or being spied on.
Image credit: https://commons.wikimedia.org/wiki/File:Openid.svg By User:ZyMOS [Public domain], via Wikimedia Commons. Screenshot taken by the author courtesy of https://hphosts.blogspot.com/