Yahoo! OpenID! Yahoo!
Last week, Yahoo announced support of OpenID 2.0 adding its 248 million active users to the OpenID universe.
This is big not only in the potential numbers, but in the momentum it puts behind adoption of the standard. This will push others to adopt industry power-houses to adopt a similar policy.
It’s also noteworthy that they specified version 2.0. To date most sites that have implemented OpenID have been using 1.0. (This includes MT.) OpenID 2.0 has the potential to be far more useful since it adds the ability to exchange additional attributes such as a name or email address.
OpenID 1.0 only supplied you with an identifier that could be anything and an approval or rejection from the identity provider. This was a big show stopper for use on appnel.com particularly for my downloads section. An OpenID service doesn’t provide me with a validated email address like Six Apart’s TypeKey protocol and service that was a precursor to OpenID.
If you are interested in everything that’s new, Phil Windley wrote a nice concise post on what’s new in OpenID 2.0 and why that I like better then James Henstridge’s piece on the topic. (No,it has nothing to do with that fact Phil is a MT user.)
If you’re not into reading here is a pretty good video that explains the basic concept of OpenID:
The next big step is for all the massive services like Yahoo to not just be an identity provider, but consumer. I should be able to collapse my Google account with my Yahoo account and so on. It will be interesting to see if market share and business concerns will get in the way of openess and user-centric concerns. In highlighting Yahoo’s announcement, Six Apart mentioned that they hosted an OpenID hackathon that was well-attended by members of various companies that was encouraging hear.
Yahoo users can create their OpenID identity starting January 30th at http://openid.yahoo.com/.
On an aside there is this passage from the PCWorld article announcing Yahoo’s support:
The other way in which Yahoo users will be able to take advantage of OpenID is in sites that, in addition to the URL string, will also embed a conventional Yahoo log-in prompt on their site. In those cases, Yahoo users will simply need to enter their Yahoo user name and password to log in. The information will be verified on Yahoo servers and, once authenticated, Yahoo will inform the external site that the person is a Yahoo user. The external site doesn’t see any log-in information, [Raj] Mata said.
I’m not so sure about that one. Sounds like it will make phishing for passwords to hijack accounts pretty easy if this becomes common place. I suppose the devil in in the details. I’m not going to be diving in head first on that idea though.
There are no comments yet. You could be the first!