OpenID Explained

OpenID is different from how you log in today and will probably throw you off a little bit. We're here to help you learn what makes it useful and how to use it.

Why should I use OpenID?

Faster and easier to sign up

Comic about OpenID.  A man at a cash register says, “Want to sign up for a Food-Mart membership?” and the customer says excitedly, “No thanks, I'll just use my OpenID!” An OpenID is a way of identifying yourself no matter which web site you visit. It's like a driver's license for the entire Internet. But, it's even more than that because you can (if you want) associate information with your OpenID like your name and your e-mail address, and then you choose how much web sites get to see about you. This means that web sites that take advantage of OpenID won't bother you for the same information over and over again.

Faster and easier to sign in

OpenID also simplifies signing in. With OpenID you only have to remember one username and one password. That's because you log into websites with your OpenID, so your OpenID is the only thing you have to make secure. Now, you might already use one username and one password online, but OpenID lets you do this in a secure way. That's because you only give your password to your OpenID provider, and then your provider tells the websites you're visiting that you are who you say you are. No website other than your provider ever sees your password, so you don't have to worry about an insecure website compromising your identity.

A man is weighed down with seven heads, each one labeled with a different username of his.  A man wearing an OpenID sweatshirt stands tall and excited.  He says 'hi' to the hydra-man. Remembering all those usernames can really weigh you down!

Closer to a unified "web identity"

The logos of some of the larger companies getting behind OpenID: Microsoft, Aol, Livejournal, Orange, Plaxo, Bloglines, Six Apart, Sun Microsystems, Technorati, and WordPress.Lots of companies are getting behind OpenID. Because OpenID identifies you uniquely across the Internet, it is a way for web sites and other people to connect the different accounts you've created online into a more cohesive persona. Once you establish yourself as the person who uses a particular OpenID, whenever someone sees your OpenID in use, anywhere on the Internet, they'll know that it's you. Similarly, if you happen upon a new web site and see that someone with your friend's OpenID has made a comment, you can be almost certain that it was actually her and not somebody who, by coincidence, has the same name.

That said, you might be worried that OpenID is going to make all of your activities online transparent. Your OpenID does unify information about you, but it only unifies information that you've already made public. And, you get to choose, using OpenID, which information to spread and to whom.

Is OpenID secure?

OpenID is no less (or more) secure than what you use right now. It's true that if someone gets your OpenID's username and password, they can usurp your online identity. But, that's already possible. Most websites offer a service to e-mail you your password (or a new password) if you've forgotten it, which means that if someone breaks into your e-mail account, they can do just as much as they can if they get your OpenID's username and password. They can test websites with which they think you have an account and ask for a forgotten password. Similarly, if someone gains access to your OpenID, they can scour the Internet for places they think you have accounts and log in as you... but nothing else.

Regardless of whether you use OpenID or not, you should be careful about your username and password. When you type your username and password, make sure you're actually on the website you think you are (i.e., check the address).

Aren't I entrusting my whole identity to one website?

Yes and no. You can, if you like, have multiple OpenIDs, each of which has some information about you. (In fact, many websites let you associate multiple OpenIDs with the same account.) But, that ruins the simplicity of only having one username and password. That's why it's smart to get your OpenID from a website you trust, and one that you expect to stick around. See How do I get an OpenID? for more information on choosing a good OpenID provider.


... is proof of identity

It is a way to prove you are who you say you are

... is not a trust system

It cannot guarantee you aren't a jerk– or a spammer, or a robot, or...

... is used for signing up and logging in

You use OpenID to log into websites without making completely new accounts.

... is not Big Brother

It doesn't keep track of what you do on those websites; that is still controlled by the websites.

... is different

It does take some getting used to.

... is not complicated

As you get used to it, it gets easier and easier.

... is secure

You only entrust your password to one website, as opposed to all websites.

... is not the only answer

All of the tips you've learned for staying secure online still apply. Make sure to choose an OpenID Provider you trust!

... is a step towards a cohesive Identity

It can help connect your online identity. People can be sure who you are across multiple sites.

... is not the end of privacy

You can choose when you use it and how you use it.

... is taking over the world

There are over 27,000 OpenID enabled sites, and the number is growing.

... is not an elephant

OpenID is not an elephant.