My idea is ...

← Ideas

Encourage OpenID websites to offer non-OpenID alternatives

OpenID might be OK for some, but every time I see a website that uses OpenID, it says to me: "Give up now, you ain't gonna be able to log in here.". Passwords are better, 'cos they are simpler, everyone understands them, and there are existing mechanisms to manage them. I just tried logging into stackoverflow with my OpenID and ended up creating a new user. I'm not saying get rid of OpenID, just that it makes things slower and more complicated, and is hard to understand, so a traditional password alternative should be a good fallback. Here is an analogy:- Passwords: you go to your house and open your door with your key. OpenID: you go to your house and call a telephone number and verify who you are with someone else, who then calls up your house and tells it to let you in. OpenID is a lot more complicated and error prone, and hardly any more secure. What's the point?

4 votes
Vote
Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Mike shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

2 comments

Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Close
Close
Submitting...
  • Ellie K commented  ·   ·  Flag as inappropriate

    Chris is correct. It IS much easier to use OpenID. I use Stack Overflow too, and it was a little rough at the beginning, maybe 6 months ago, I'm guessing there were still bugs in some OpenID providers' implementation, but now it works very well. All of the Stack Overflow sub-genres (including Area 51) authenticate my login really easily and quickly.

    I've been very happy with OpenID. Its unfortunate that it hit a few bumps in the road recently. OpenID really simplified my online activity, while providing better security too. Now I wish sites like the NYTimes and Wall St Journal would use OpenID too!

  • AdminChris Messina (Admin, OpenID) commented  ·   ·  Flag as inappropriate

    OpenID isn't just about passwords. It's about identity.

    Unless you're one of those rare people that actually uses a different password on every site you visit, the more you use the same password across the web, the more surface area you're creating that could be used to get your credentials.

    That is, if you use the same password, or switch between 2-3 passwords, across every site you sign up for, any one of those sites could be hacked or misconfigured, compromising your password. Now if you want to change your password on all those other sites, you have to remember where you've used that password and visit each one individually.

    With OpenID, you centrally manage your account and can change your password or add additional security features to keep your account safe.

    OpenID may be more confusing today, but in the future when every site requires some form of identification, having to manage fewer credentials will be extremely convenient.

Ideas

Feedback and Knowledge Base

(thinking…)