1) OpenID is a decentralized standard for user authentication on the web that allows users to sign in to multiple websites using a single digital identity.
2) With OpenID, a user's identity is represented by a URL rather than a username and password. This URL can be the user's blog, profile page, or identity page and allows them to assert ownership and tie together profiles across sites.
3) OpenID addresses common problems on the web by reducing signup overhead, allowing users to prove account ownership through APIs, and providing a unique identifier that can create a portable social graph not tied to any single authority.
12. • Each of these pages has a URL
• If the services supported it, each of these
URLs can be an OpenID
• This lets me assert ownership of my profile
• I can use OpenID to tie profiles together
across multiple sites
13. The social network problem
• Every site wants to know about my social
network
• Re-friending everyone on every site I visit is
tedious, and a major barrier to adoption
• The Facebook platform lets me reuse the
Facebook social graph - but I have to abide
by their rules
14. OpenID provides the globally
unique identifier needed to
create a portable social graph
16. 0
875
1,750
2,625
3,500
Se
p
'05
O
ct
N
ov
D
ec
Jan
'06
Fe
b
M
ar
Ap
r
M
ay
Ju
ne
Ju
ly
Au
g
Se
p
O
ct
N
ov
D
ec
Jan
'07
Fe
b
Total Relying Parties
M
ar
Ap
r
M
ay
Ju
ne
17.
18. What’s in it for you?
• Reduces the overhead for signing up for an
account on your service - great for
attracting early adopters
• The ability to “prove” ownership of your
account is an excellent complement to your
service’s Web Service API
• You can learn about a user’s profiles
elsewhere on the Web
19. Some FAQs
• Does this mean I no longer have a database
of user accounts?
• How do I know that an OpenID is a real
person, and not an evil spammer?
• Isn’t it a bad idea to outsource the security
of my users to a third party?
• What are the privacy implications of this?