The tiny investment ($29?) you make in Roboform will make this a non issue.
Rick Butts
ceejayoz
· 1 year ago
Sure, until you have to change your password and have to do it in 30 different sites...
revbean
· 1 year ago
Lets not ignore the big problem here though, that while everyone and their mother is clamouring to become an OpenID _provider,_ not too many big sites are allowing you to use OpenID as your login credentials. This flies in the face of what OpenID is really all about.
kerendg
· 1 year ago
I wrote about the same issue from the point of view of a mashup application developer; highlighting the three concepts: Security(SSO), Access Control and Single Identity. These three will make our online services adoption experience more transparent.
I ask myself why so many websites require login in the first place. Take doodle.ch for example. No login required but still great collaboration features.
janie
· 1 year ago
OpenID didn't work for me. Typing in a password and being able to log on when and where I want to without any hassles seems to be a lot easier.
Vidoop
· 1 year ago
Very nice post, its cool to see active discussion going on around these technologies. I work for Vidoop and we have a a few dogs in this race :)
A couple notes... I think of OAuth as your valet key for the web, you give an OAuth token to Flickr to just get your Gmail contacts, as opposed to giving a full username and password.
OpenID as a SSO has quite a bit of promise, though there are some potential downsides. With all your eggs protected in one basket you want to make sure that basket is secure. We require two-factor auth for our provider at http://myVidoop.com and there are a couple other providers that license our tech like Clickpass, or if you have a paypal token you can use Verisign. If you are familiar with Infocards there are a couple OpenID providers that have Infocard support. Whatever OpenID provider you go with I highly suggest making sure they take security seriously.
There is a neat site dedicated to helping 'bug' websites about OpenID support at http://demand.openid.net/
If you do not want to spend money for Roboform we have a free password manager that ties in to your myVidoop account. I actually use it all the time and it has saved me lots of time and allowed me to ditch the notepad totally.
For anyone interested in what Chris Messina is currently up to check out http://diso-project.org/ The project is aiming to create a single package for the many 'distributed social networking components' currently floating around.
Cheers, Kevin
Mike Daviies
· 1 year ago
OAUTH and OATH
I think it is worth pointing out another standard which is around with a rather similar name.
OATH works in a related space to OAUTH and I have posted something here which explains what OATH is relative to OAUTH and OPEN ID.
Thanks
Mike
Mike Davies
· 1 year ago
Just noticed I didn't put link into my previous reply.
I enjoyed this article as I was having a bit of trouble telling the two apart.
The only problem with OAUTH is that it only lasts for a little while. Which is good in some cases - but bad in others.
What if a user wants to give facebook constant access to their twitter updates? with OAUTH the user would have to give facebook that approval everyday!
All Comments
Rick Butts
These three will make our online services adoption experience more transparent.
The three elements for successful Mashup sign-on process:
http://usingit.wordpress.com/2008/07/25/singe-w...
Keren
A couple notes... I think of OAuth as your valet key for the web, you give an OAuth token to Flickr to just get your Gmail contacts, as opposed to giving a full username and password.
OpenID as a SSO has quite a bit of promise, though there are some potential downsides. With all your eggs protected in one basket you want to make sure that basket is secure. We require two-factor auth for our provider at http://myVidoop.com and there are a couple other providers that license our tech like Clickpass, or if you have a paypal token you can use Verisign. If you are familiar with Infocards there are a couple OpenID providers that have Infocard support. Whatever OpenID provider you go with I highly suggest making sure they take security seriously.
There is a neat site dedicated to helping 'bug' websites about OpenID support at http://demand.openid.net/
If you do not want to spend money for Roboform we have a free password manager that ties in to your myVidoop account. I actually use it all the time and it has saved me lots of time and allowed me to ditch the notepad totally.
For anyone interested in what Chris Messina is currently up to check out http://diso-project.org/ The project is aiming to create a single package for the many 'distributed social networking components' currently floating around.
Cheers,
Kevin
I think it is worth pointing out another standard which is around with a rather similar name.
OATH works in a related space to OAUTH and
I have posted something here which explains what OATH is relative to OAUTH and OPEN ID.
Thanks
Mike
http://blogs.verisign.com/identity-emea/
Mike
The only problem with OAUTH is that it only lasts for a little while. Which is good in some cases - but bad in others.
What if a user wants to give facebook constant access to their twitter updates? with OAUTH the user would have to give facebook that approval everyday!