While adoption of OpenID is growing steadily, some people have still doubts about its security and usability. Not all of the concerns are unfounded and we highly encourage you to read about the technology, compare it to other existing login practices and make an independent decision if you want to use it. If you decide to try OpenID, make a list of what’s important to you and find an OpenID provider that fits your list best. We hope Spread OpenID can provide some assistance.
Fortunately the OpenID community is aware of most concerns and companies are constantly improving their products, websites, and even build new tools to make the OpenID experience more convenient and secure.
ID Selector
In April JanRain has launched ID Selector. ID Selector is a widget that relying parties can add to their existing login forms. It shows a list of some well-known OpenID providers. Users who wish to log in to the relying party don’t have to provide their full OpenID anymore; the username part of their OpenID is sufficient. ID Selecor takes care about the rest. That’s rather convenient as users don’t have to remember the URL pattern of their provider. Is it https://username.openidprovider.com/ or is it https://openidprovider.com/username? Providers listed in the widget can be customized by relying parties, so it might look slightly different on the various websites.
The example below is from OpenID login, please!
RecognitionAUTH
Unlike ID Selector RecognitionAUTH is not about usability but about security. It’s a an authentication method by ConfIDent Technologies which aims to make logins at OpenID providers more secure. Instead of typing in always the same password at provider logins, users have to remember some image categories they choose. Each time they login images are displayed in combination with a letter. People who use myVidoop as their OpenID provider know the technology already.
Besides image categories RecognitionAUTH also offers authentication by SMS, email, and voicemail. Currently ClaimID, Clickpass, and ooTao have also implemented it.
New Provider Added
Last week we also added a new provider to Spread OpenID - Beemba. Admittedly we have never heard about Beemba before but it looks quite interesting. It supports both OpenID 1.1 and 2.0 and also offers content aggregation from various web services.
8 Comments
Another security enhancement for OpenID authentication is available from JanRain’s myOpenID service: CallVerifID (about_callverifid). Its a free phone-based 2-factor authentication solution.
Yes, that’s right. I didn’t mention it because you don’t have it announced officially yet. Also I am unsure if it works for people all over the world. I tried it but got notified that the number is not supported yet.
It is currently supported in the US and some international locations, but you are correct that not all international destinations are supported yet. Sorry we haven’t made that clear yet. We will be providing a list of which countries are currently supported shortly.
Thanks Brian, I have updated the myOpenID entry accordingly.
Excellent post Carsten, thanks for the mention. I would also like to add we have a new version of our password manager out that supports Firefox 3:
Cheers,
Kevin
Thanks Kevin, we have listed the password manager on myVidoop’s entry already, though.
True, but we just announced Firefox 3 compatibility, so I thought it may be relevant
Sorry if I was too spammy.
Don’t be silly! You’re not spammy. Changed the entry.