How many user accounts and passwords do you use on the web?

How do you manage them? Do you use the same username and password across multiple website?

Are you sure?

 

 

 

 

 

 

 

 

Could this be a security risk? Is it reasonable to go and change your password for all of your accounts?

 

Does it annoy you when you have to sign-up for an account on a website and provide the information that you've provided over and over again, then go check your email for a confirmation link?

 

There is a better way, it's called Microsoft Passport!

 

Excuse me, I mean OpenID.

 

OpenID was first developed way back in 2005 by Brad Fitzpatrick who was working for Six Apart at the time.

 

OpenID was designed with a few guiding principles: 1) use URLs as usernames 2) be decentralized and open

 

demonstration/explanation of the process. 

 

URL vs email

On the web, an email address really just provides write-only access, you typically can't get information about a person just using their email address. A URL is designed to return a response. Also, we typically want our URLs to be crawled by bots on the web, but not so much for email.

 

Usability, changing conventions a good idea? Mechanisms to route email addresses to an OpenID URL.