I propose ...

concern

if somebody knows my openid account then they can simpy use that for the site I have added with allow always settings. how do you address this possibility

3 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    2 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Anonymous commented  ·   ·  Flag as inappropriate

        Hi my name is Kalir need help to catch a hacker dont even no where to begin! Please if you have any ideas let me know! Really dont know much about computers HELP PLEASE !!!!! THEY HAVE GOTTEN INTO MY PERSONAL MY PHONES AND MY EMAIL

      • AdminChris Messina (Admin, OpenID) commented  ·   ·  Flag as inappropriate

        Actually, that's not how OpenID works.

        Even if someone knows your OpenID, they would still need to sign in to your OpenID provider with your password.

        Even when you tell your provider to use the "always allow" feature, the site you're signing into still MUST ask your provider if you're still signed in. Therefore, knowing your OpenID is not enough to sign in as you.

      Feedback and Knowledge Base