How to create and use an OpenID
Tim February 24th, 2007
If you're new to DemoMarks.com and like what you see, you may want to subscribe to our RSS feed.
There’s a lot of buzz surrounding OpenID lately with more and more sites including Wikipedia and Digg promising support. Still to many the idea sounds intriguing but difficult to implement. Lifehacker recently posted a screencast by Simon Willison on how to use OpenID and I figured it’s prime time we demo’d it here at DemoMarks. It turns out the process is simple to use and configure and offers a ton of functionality. So here we go.
Requirements:
- Basically just an email address and a few minutes
1. The first step to using the OpenID system is to set an ID up with an OpenID server. It’s important to note that there is no single site that manages OpenIDs. We have decided to use Verisign’s Personal Identity Provider to manage our OpenID. Users of LiveJournal and Vox already have an OpenID system. There are also a few other sites including MyOpenID that will help you get an ID set up, so take your pick.
2. I go ahead and choose to create a new account. As you can see it only asks for a few basic pieces of information including a username, email address, and password. I verify I’m not a bot via the captcha and I’m in.
3. Once I have verified my email address through a link sent to me I’m logged in. I have a few options right off the bat. I’m going to upload a picture that will be used as a unique verifier for my identity. This is not mandatory but it’s useful as a safeguard against spoof attempts to gain my OpenID information.
4. Once I’ve uploaded my image it’s displayed on the homepage. You’ll also notice at the top a URL “demomarks.pip.verisignlabs.com” which is the ID assigned to me. Going to that site will bring me to this homepage (or if not logged on it goes to the main PIP Verisign Site).
5. Under the Profile page I could choose to fill in as much or as little information as I wanted. Remember by doing this once you will be able to have the OpenID system automatically input these fields into a new signup. Very handy, but I’m going to skip it for right now.
6. Verisign also keeps track of where and when you’ve logged on to certain sites. This is helpful to find out if someone is using your OpenID account to log into sites. Privacyphobes will likely raise an eyebrow to this but if this feature is something that bothers you simply try a different OpenID server. Realistically all servers will be logging this information, Verisign just allows you to review it.
7. Now that we’ve got our ID set up it’s time to take it for a test drive. To do that we need to find a site that supports the OpenID protocol. A full list can be found at the MyOpenID Directory. For the purposes of this demo I’m going to attempt to log in to Jyte, a social network for making claims and building online cred (whatever that really means).
8. To log in we click the OpenID login link at the top of Jyte’s homepage. That brings us to this page where all we are asked for is our OpenID, which if you remember correctly is the URL for the Verisign page.
9. Because we are already logged in with Verisign we are immediately taking to this Trust Page where we can choose how often to allow logins to this domain as well as how much information we want to give Jyte at this time through Trust Profiles. If we had not been logged in with Verisign we would simply have to put in our initial Verisign user ID and password to get to this page. That’s the whole idea behind one id for multiple logins.
10. After approving the authorization for Jyte we are transported right back to Jyte’s page where as you can see we’ve been signed up and logged in. We have the option of filling out our profile at Jyte if we wish, but we’ll just skip that for right now.
11. The Jyte Homepage now accurately reflects that we are logged in with our OpenID and we didn’t have to sign up directly with their service to do so.
The OpenID system was surprisingly easy to use and I can only hope that it will garner even more support as time goes on. Mozilla is already pledging to build greater support for OpenID into Firefox 3 and Microsoft is hoping to integrate the next iteration of OpenID into Vista sometime in the future. While the security conscious folks will no undoubtedly be uncomfortable with the idea of one login for multiple sites and storing personal information on a private server, I think the cause is noble and the checks and balances are in place to prohibit fraud. This system also allows a person to use a single username to verify their identity, and important point for those that are known by certain online monikers that might not be available with certain sites. The process was simple and intuitive, and I’ll be using OpenID in the future to manage accounts.
