openid
14 ResultsDictionary
OpenID
An identity system for the Web that lets people use a single username and password to log in and authenticate themselves to OpenID-compliant Web sites. OpenID is a free system that is distributed...
Dictionary
Definition: OpenID
An identity system for the Web that lets people use a single username and password to log in and authenticate themselves to OpenID-compliant Web sites. OpenID is a free system that is distributed across the Internet and maintained by numerous organizations, including major sites such as AOL and Yahoo!.
OpenID is also supported in the emerging identity metasystem and can be one of many ID card choices displayed in the card selector's window (see identity metasystem).
Whom Do You Trust?
A major feature of OpenID is that users can decide which OpenID identity provider they trust the most to authenticate them. In fact, users can also become their own identity provider.
The Relying Party Queries the Identity Provider
A Web site that accepts OpenID is known as a "relying party," because it relies on an OpenID identity provider (IdP) for authentication. The OpenID username, called an "OpenID identifier," can be the URL of the provider with username appended, or it can be an XRI i-name if the relying party accepts it. I-names are human-friendly names, such as "=john.doe," that are linked to the OpenID provider, just like domain names are resolved by the DNS system into actual IP addresses on the Internet (see i-name).
When a user logs into an OpenID Web site, the script in the Web page redirects the browser to the identity provider. Using a password or other method, the identity provider attempts to authenticate the user and informs the Web site of its success or failure. For more information, visit www.openid.net. See single sign-on and identity metasystem.
An OpenID Authentication
This is a simplified example of the OpenID authentication sequence. What is not shown is that right after a user logs in, the relying party and identity provider typically share secret keys so that subsequent transactions are more secure.
Hacker-Proof OpenID
Instead of using a password that can be stolen, the myVidoop OpenID system (www.myvidoop.com) uses a different one each time. When creating a myVidoop account, users choose topics, and for authentication, myVidoop displays those topics in random order. In this example, if the topics were computers, money and cars, the password would be X-H-K for this session only. The next time, images and order will change.
THIS DEFINITION IS FOR PERSONAL USE ONLY
All other reproduction is strictly prohibited without permission from the publisher.
© 1981-2010 The Computer Language Company Inc. All rights reserved.
Sponsored White Papers, Webcasts & Resources
-
The Best Ways to Migrate Lotus Notes Applications to SharePoint and Office 365
Check out this white paper to learn more about migrating from Lotus Notes to SharePoint and Office 365.
-
Phishers hooking Facebook, Twitter, Google, Yahoo passwords
Phishers are actively trolling the Internet trying to trick users into giving up their OpenID-based log-in credentials to popular social networking sites.
-
Researchers discover "worrisome" authentication flaws in many online services, sites
Bugs discovered in Web-based single sign-on services and sites run by the likes of Facebook, Google, Twitter and PayPal can allow hackers to gain access to a user's account, researchers have...
-
Hackers, standards and non-profits: A trinity to rescue Internet identity?
Identity on the Internet is in need of an overhaul. Are forces coming together to start the revolution or are traditional foils such as trust still too much to overcome?
-
BrowserID testing waters, but missing pieces weaken story
The Mozilla Foundation is finally testing its BrowserID authentication system, but a missing part of the architecture used to validate a user's credentials is a big gap the Foundation must address.
-
Let's get rid of usernames and passwords for good
Username and password combinations are old, outdated, confusing and often taken over by other tools. Can the next-generation inspire a solution to this?
-
-
OpenID biggest government boost yet for open source
All this means opponents of the current Administration are bound to see OpenID as some sort of "mark of the beast." But if Bush did it Democrats would feel that way, so you can't win.
-
OpenID, meet the U.S. government
The U.S. government has now joined the OpenID effort. Ten technology players said Wednesday that they will support President Obama's initial pilot programs to make it easier to register and work...
-
Google Apps users to get OpenID authentication
Google is about to announce OpenID log-in functionality for enterprise users of its Apps productivity suite.
-
Facebook plays OpenID relay (with Gmail)
Facebook has started its implementation of OpenID with the first phase allowing new users to register with their Gmail accounts. Current users can connect Facebook with other OpenID accounts. ...
-
Will OpenID catch on?
A survey of more than 300 people shows that few people have heard of OpenID, and even fewer are actually using it. Chris Messina, the guy with the guitar pictured here, has written up results of...
-
Google supports OpenID, kind of
Google has just started supporting (kind of) the OpenID standard for authentication. The problem is that Google has mangled the protocol -- the most noticeable change is how the username is an...
-
Enterprise cloud computing gathers steam
The days when organizations carefully cultivated vast data centers consisting of an endless sea of hardware and software are not over, at least not yet. However, the groundwork for their eventual...
-
Could some uses of OpenID create a large privacy issue?
I just finished a news story about VeriSign's (NASDAQ: VRSN) secure OpenID services chosen by Microsoft for HealthVault users. The story discusses VeriSign's DNS services and its OpenID services...
-
Microsoft and Google join OpenID, but where's Cisco?
TechMeme is reporting that Microsoft, Google, Verisign, and IBM have all joined the OpenID board. Yahoo and Google are involved or getting involved with OpenID. But that's not enough. As Michael...
Additional Results
-
Phishers hooking Facebook, Twitter, Google, Yahoo passwords
Phishers are actively trolling the Internet trying to trick users into giving up their OpenID-based log-in credentials to popular social networking sites.
-
Researchers discover "worrisome" authentication flaws in many online services, sites
Bugs discovered in Web-based single sign-on services and sites run by the likes of Facebook, Google, Twitter and PayPal can allow hackers to gain access to a user's account, researchers have...
-
Hackers, standards and non-profits: A trinity to rescue Internet identity?
Identity on the Internet is in need of an overhaul. Are forces coming together to start the revolution or are traditional foils such as trust still too much to overcome?
-
BrowserID testing waters, but missing pieces weaken story
The Mozilla Foundation is finally testing its BrowserID authentication system, but a missing part of the architecture used to validate a user's credentials is a big gap the Foundation must address.
-
Let's get rid of usernames and passwords for good
Username and password combinations are old, outdated, confusing and often taken over by other tools. Can the next-generation inspire a solution to this?
-
OpenID biggest government boost yet for open source
All this means opponents of the current Administration are bound to see OpenID as some sort of "mark of the beast." But if Bush did it Democrats would feel that way, so you can't win.
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Vendor Showcase
