OpenID Intro
“Identity 2.0 - Forget your passwords”

~/ $ who am i
• Frank Louwers - frank@openminds.be
• Partner in Openminds & Metatale
• http://frank.be
• Openminds offers high-quality, high-
performance Internetsolutions
• Openminds launched the first Belgian
OpenID identity server

Quick Poll?

Quick Poll?
• Who uses same username / password for
every new account?

Quick Poll?
• Who uses same username / password for
every new account?
• Who loses usernames / passwords for
some sites?

Quick Poll?
• Who uses same username / password for
every new account?
• Who loses usernames / passwords for
some sites?
• Who has a blog?

Quick Poll?
• Who uses same username / password for
every new account?
• Who loses usernames / passwords for
some sites?
• Who has a blog?
• Who has OpenID? (Wordpress.com, AOL,
Typepad,Yahoo!, ...)

Passwords, usernames,
and amnesia

Morning workflow
• Read Mail
• Read RSS feeds
• Use company Intranet / wiki
• Write blogpost
• Comment on other blogs / wiki

Morning workflow
• Read Mail needs login
• Read RSS feeds
• Use company Intranet / wiki
• Write blogpost
• Comment on other blogs / wiki

Morning workflow
• Read Mail needs login
• Read RSS feeds needs login
• Use company Intranet / wiki
• Write blogpost
• Comment on other blogs / wiki

Morning workflow
• Read Mail needs login
• Read RSS feeds needs login
• Use company Intranet / wiki needs login
• Write blogpost
• Comment on other blogs / wiki

Morning workflow
• Read Mail needs login
• Read RSS feeds needs login
• Use company Intranet / wiki needs login
• Write blogpost needs login
• Comment on other blogs / wiki

Morning workflow
• Read Mail needs login
• Read RSS feeds needs login
• Use company Intranet / wiki needs login
• Write blogpost needs login
• Comment on other blogs / wiki needs login

Even worse ...
http://www.monuments.nu/monuments/2007/05/pure_annoyance.html

Our best friend ...

Not only do we need to remember the password
We also need to rember the (random) username!

Solutions

Lazy solution
• Same password everywhere
• Not safe
• One site compromised, all sites
compromised
• When your mail-address changes, accounts
lost?

Solution: Single Sign On
• Previous attempts: Microsoft Passport.net
• Centralised (not everyone trusts MS)
• Expensive to integrate
• Not extendable

OpenID: KISS
• De-centralised
• Open Standards based
• easy, lightweight protocol
• providing Single Sign On
• Based on proven standards (dns and urls)
• A blog identifies a person

De-centralised
• You choose one of the many OpenID i-
providers (http://openid.openminds.be)
• You choose who you trust and why
• Even set-up your own OpenID server if
you want
• It’s the only place where your credentials
are stored

A life without passwords
How does it look like?

Login to OpenID sites
• Enter your OpenID identifier url as
“username”
• Site contacts your OpenID Server (based
on url)
• OpenID Server checks if you are logged in
• OpenID Server passes token to site

Only the first time I login to an OpenID site that day.
Next time, only a confirmation is needed.

What data should be transfered to the site?

Wikitravel doesn’t have a local account for this OpenID.
Suggests me to create one. This happens only the first
time. It binds my OpenID (openid.openminds.be/frank) to
this new account.

Blog url as OpenID
• My OpenID: openid.openminds.be/frank
• My blog: frank.be
• Solution? Simple HTML tags!

Add html headers tags
No other plugins or code needed on your blog!

Who is using it?

Who’s in the game?

Plugins available for:
• Blog software (Wordpress, MT,
Mephisto, ...)
• Wiki software (MediaWiki, DokuWiki, ...)
• Almost all Web frameworks (Drupal, Ruby
on Rails, Joomla, Django, ...)

Add OpenID to your project
• Lower barrier (users don’t need to create
an account) eg: http://iusethis.com
• Simplifies account setup
• Specific hacks
• AIM integration
• Company Intranets or wiki’s and
Company OpenID

Problems?
• Google isn’t in, and won’t be in soon
• Login is slower (browser redirects ...)
• Vulnerable to Phishing
• risk actually less than with username /
password logins
• can be fixed with plugins (and FF3)

Future versions
• Exchange of more attributes
• Gravatars?
• Address (eg for shipping)
• Language / timezone settings
• Verified email address or not
• Security enhancements

Cool sites using OpenID
http://iusethis.com

Cool sites using OpenID
http://jyte.com

Cool sites using OpenID
http://jyte.com

Cool sites using OpenID
http://shopify.com

Cool sites using OpenID
http://heardontv.com

Links
• http://openid.openminds.be (still beta)
• http://myopenid.com
• http://openid.net
• http://janrain.com/openid
• http://openiddirectory.com

Q &A
• Do you use OpenID?
• Do you consider it?
• Why (not)?
Frank Louwers - frank@openminds.be