OpenID could leave you stranded
Posted on May 9th, 2008 by Richard Catto 2,251 views
Like many people presented with a new innovative online service, I just accepted OpenID as a useful service that I should probably have and use.
And I did. I discovered that when I created a WordPress.com account, I got a free OpenID url thrown in. So I used it to sign into Plaxo and create an address book for myself there.
Listening to all the hype and the urgings to use OpenID from many fellow South African bloggers, I simply went ahead without considering the possible pitfalls of doing so.
But now it seems like I should have looked before I lept, because as Kyle Neath points out in a blog post he wrote in April, he has 5 reasons to give us pause before we jump onto the OpenID train.
The most compelling reason he lists, in my opinion, is the fact that should your OpenID provider decide to cancel its service, you will very likely lose all access to all the accounts you created using that OpenID url.
That means that if WordPress.com decides to cease being an OpenID operator or simply goes out of business, I won’t be able to log into the plaxo account I created with the OpenID url they provide me.
At some point, some OpenID providers will cease operating. That is a sure thing, and unless some vital changes are made by the third party services which currently accept login via an OpenID url, some people are going to lose access to all their accounts and all the data they store there.
"With a distributed model, it should be assumed that at any given time any given node could be disconnected or go out of service. Most implementations today do not afford this luxury. You can’t enter your email address to recover your account. You can’t change which OpenID you registered with. And you simply can’t access your account should your provider be having some technical difficulties.
When I look at the currently implemented OpenID ecosystem, I just see a tightly coupled system that is going to fail at some point for a large amount of users." – Kyle Neath
Kyle, I don’t think you could have put it more plainly why people should not use OpenID for anything but trivial throwaway accounts which contain no data that one wishes to retain.
I am now going to see if Plaxo will allow me to convert my OpenID account to a conventional username, password system with account recovery through an email address and secondary email address.
Thanks for the warning. You may have helped a lot of people to save themselves a lot of unnecessary trouble in future.
Tags: Kyle Neath, OpenID, Warpspire
Filed under Online Services, OpenID |
One Response to “OpenID could leave you stranded”
-
Richard Catto Says:
May 9th, 2008 at 08:50Plaxo support were quick to respond with a helpful reply.
They advised me to create a password and that would allow me to log into my Plaxo Pulse account with either my email address or my OpenID url.
So my fears are allayed in their respect.
Leave a Reply
You must be logged in to post a comment.
