OpenID - The login of the future?

Following my small rant yesterday about not logging enough programming time, I cleared my schedule completely this afternoon and evening (with a rest or two to catch the awesome G4 show Code Monkeys) to catch up with some things. It also didn't hurt that Hurricane Dean passed rather close to Puerto Rico, meaning that my plans were all washed out, but that's okay, I don't blame freak forces of nature for any of that.

The first thing I did was read some news around the 'Net, as I usually do, and I saw a rather interesting article about OpenID, which piqued my curiosity. In case you don't know, OpenID is (according to the main site) "an open, decentralized, free framework for user-centric digital identity". In nicer terms, it's basically a place where anyone can validate their identities in websites around the universe, by storing your allowed sites in a single place. This means you can be able to login any OpenID-enabled site by simply entering your own OpenID URL, logging into your OpenID account, allow the site, and that's it. No more remembering multiple passwords ever again, only your OpenID URL and password.

At first, I thought this was simply a glorified password-saving system, or something similar to the ill-fated Microsoft Passport / Live system. I didn't think it was going to be a great idea. But after reading more about it, I realized the true strength of this system over proprietary systems like Microsoft's: It's available for everyone who wants to use it. And I don't mean that in the sense of creating accounts. I mean it in the sense that any developer can add OpenID functionality to their own web applications for free. That's the beauty of the system.

Although very few sites I frequestly visit don't have this functionality yet, I went ahead and created my own OpenID account over at MyOpenID. They're one of the first OpenID providers, and they make the process rather easy. You simply go to their website, go through their short sign-up process, and once you have the account ready, you can go to any OpenID-enabled site (they also include a directory with sites that have this functionality enabled), and you're ready to log into that site with the URL you created. It's a simple, yet powerful tool.

The site I'm creating right now has a forum powered by the awesomely simple Beast forum app, and it has OpenID support right out of the box, thanks to the ruby-openid gem that you can easily install on your server. After installing the forum I'm going to test on my server, I immediately used my OpenID to create the account, and it just worked without a hitch. I'm sure everyone loves it when things work on the first try as intended.

If you haven't read about OpenID, I suggest you click that link above to go to OpenID's website, and read all you can about it. I believe this will cause an impact in the Open Source industry, and more applications will start to have this included. I know that whenever I can, I'll be adding this functionality to my websites. I already found a tutorial that helps integrate OpenID functionality with the actsasauthenticated plugin. I'll be sure to look into that, and post my results of that experiment soon.

Written by

Dennis Martinez

Show Comments