Home

Now Using OpenID

Course Corrections
by Jon Garfunkel on February 7, 2008.

I’ve implemented OpenID on this site. My friend Kaliya Hamlin (Identity Woman) has been helping this effort for a number of years, and when she passed along the news that Yahoo had joined the effort, I decided to get with the program. (Unfortunately, the Yahoo beta integration is not working here, but I was able to successfully test MyOpenID. I have yet to test Verisign’s PIP).

OpenID needs never needing to remember your Civilities.net password (or any other participating website). On the login page (or on the sidebar at right), you can select “Log in using OpenID” and you enter your OpenID, which sends you to the authentication website if you haven’t already signed in on your browser.

There’s still some hoops to jump through for your first registration:

  1. You get prompted for an email address if your OpenID provider doesn’t send it along.
  2. You will need decode some word images courtesy of reCAPTCHA (a really cool service which doubles as a book digitization tool for Carnegie Mellon!)
  3. You will get an email and need to confirm that you’ve received it via a generated URL.

These steps are in place for users registering directly on the site– er, rather, they’re in place for the rogue users who want to abuse the registration. There are very often long stretches of time where I can’t monitor who logs in and leaves comments, and I’d just prefer err on the side of safety. I’ve studied online accountability enough.

The catch is that these steps are also stuck in place for users who are coming in via OpenID, so they are obviously redundant. I assume the drupal module developers are aware of this.

Also, I’d still like to achieve my goal of having people use their real names here. I assume, at a certain point, webmasters like me will be to choose an authenticated (credit-card) identity service if they so choose. As a reader, I wouldn’t object to paying a few dollars a year for an authentication service (eBay/PayPal, surely you are planning this.) And, since such a site might track where you login, it could serve as a distribution service for micropayments.

» Login or register to post comments