CREATING AN OPENID

OpenID is a decentralized authentication system that was created by LiveJournal and is now being developed as an open standard with the help of the Apache Foundation. Anyone can create an OpenID, and the number of sites that allow users to use their OpenID to log in is continually growing.

An OpenID is simply a URL. My OpenID is dragotown.com, the address of my weblog. I can use it to sign in to any site that supports OpenID, and because I’m the only person with control over my weblog’s homepage I’m the only person who can use that identity.

I followed the instructions in Simon Willison’s article, How to turn your blog in to an OpenID, and was able to create and begin using my OpenID very quickly.

There are really only two steps to designating the URL of your website as your OpenID. First, you sign up with an OpenID provider. A few popular providers are LiveJournalVoxVeriSign Labs, and MyOpenID. Note that since OpenID is decentralized, anyone can set up their own server, however these services offer to host your OpenID for you.

Next, you point your site to your chosen OpenID server by adding the appropriate code to the header of your site’s HTML. I chose claimID, so I added the following code:

  1. <link rel="openid.server" href="http://openid.claimid.com/server"/>
  2. <link rel="openid.delegate" href="http://openid.claimid.com/drago"/>

That’s it! Now, when you go to a site that allows you to log in using your OpenID, you simply enter your OpenID and you will be redirected to a page (on your OpenID server) where you enter your account’s password. Then, you are directed back to the page you were browsing.

There are many benefits of OpenID. A standardized login system means you don’t have to create an account at every site you want to log in to. Instead of remembering multiple usernames and passwords, each time you want to log into a site you are sent to your OpenID server. Also, the OpenID server can share information, such as your name, email, or address, with sites that support OpenID and which you have authorized to access the information.