Welcome to WebmasterWorld Guest from 54.166.37.177

Forum Moderators: martinibuster

Message Too Old, No Replies

Yahoo Supports OpenID 2.0 Standard Single Log Ins

     
3:38 pm on Jan 17, 2008 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:23532
votes: 413


In one of the most significant moves yet in the growing push toward service interoperability on the Web, tech giant Yahoo announced Thursday that it is supporting the OpenID 2.0 standard for a universal Internet log-in.

Yahoo, which counts its registered users at 248 million worldwide, says that supporting OpenID will mean that OpenID-compatible accounts are available to a total of 368 million Web users. When Yahoo's support of OpenID goes live, starting with a public beta launch on January 30, this will mean that a Yahoo ID can be consolidated into an OpenID account that will be valid at all partner sites.

Yahoo Supports OpenID 2.0 Standard Single Log Ins [news.com]

5:17 pm on Jan 17, 2008 (gmt 0)

Preferred Member

10+ Year Member

joined:June 8, 2006
posts:556
votes: 0


Oh, I can see it now, people don't use hard passwords...then the hackers can get it ALL in one fell swoop. That could be a disaster for many. Well, it'll make hacker's lives easier, LOL.
7:45 pm on Jan 17, 2008 (gmt 0)

Full Member

10+ Year Member

joined:May 3, 2006
posts:263
votes: 0


I have to agree with WiseWebDude. This seems like a bad idea.

How hard is it to just login to your favourite sites when you need them?

8:06 pm on Jan 17, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 10, 2001
posts:1459
votes: 0


I dont think there is much of a safety issue here, most of the mainstream public use the same userId/password across different websites now anyway!...So why not legitimize (the practice) with a central userid provider (hopefully with a strict password requirement)
9:34 pm on Jan 17, 2008 (gmt 0)

Senior Member from LK 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2591
votes: 60


So why not legitimize (the practice) with a central userid provider (hopefully with a strict password requirement)

OpenID is decentralised

Not sure what the effect of it is, but you can even run your own OpenID server and use it everywhere that supports OpenID,

11:27 pm on Jan 17, 2008 (gmt 0)

New User

10+ Year Member

joined:Aug 11, 2004
posts:9
votes: 0


Out of curiousity, what would you propose instead of one centralized password, whether it be strong or weak? A different strong password for every single web service/site? Then people will just keep them written down on a piece of paper under their keyboard. Now every janitor and passerby is more dangerous than your "hackers".
5:46 pm on Jan 18, 2008 (gmt 0)

Preferred Member

10+ Year Member

joined:June 8, 2006
posts:556
votes: 0


I suggest people use a GOOD password creator/filler. I use a good program (paid for) that makes them for me at 40 digits, upper/lower case + numbers, copy and paste; this way I never, ever type in a password. If people want to be stupid and use one password for all their stuff then I guess let them...I'll come in here and laugh my butt off when people are freaking out that their ENTIRE life on the net was wiped out with one password (sorry sounds mean, but true). It is STUPID IMHO. Not long ago I was reading in here where some people had their Google accounts destroyed because they had one password for ALL of Google and lost lots of $ in Adsense as well. I cannot tell you how many people have contacted me freaking out that their password was hacked and got into everything, DUMB.
2:10 pm on Jan 20, 2008 (gmt 0)

New User

5+ Year Member

joined:Oct 10, 2007
posts: 39
votes: 0


This seems like a good idea. Yahoo has long been a pain because it seems to require YahooIDs for far too much. It's not hard to sign into a few favourite sites, but Yahoo hasn't been a favourite site for me for a long time and probably never will be again, so I really can't be bothered putting it into a proper security manager and maintaining a YahooID. If I could use my OpenID there instead of a YahooID, I'd probably visit Yahoo more.

However, this news item makes it sounds like Yahoo won't be accepting OpenIDs where they currently use YahooIDs - they'll just be letting people use their YahooIDs as OpenIDs. That's nowhere near as useful.

I'll wait and see what actually happens on 2008-01-30.

9:27 am on Jan 31, 2008 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 10, 2006
posts:86
votes: 0


...what would you propose instead of one centralized password...? ... Then people will just keep them written down on a piece of paper under their keyboard. Now every janitor and passerby is more dangerous than your "hackers".

Janitors can't hit 1,000,000 houses in an afternoon. 15-25 tops and the chances that they find the pieces of paper with the passwords are, let's be fair, 10%.

10:22 am on Jan 31, 2008 (gmt 0)

Preferred Member

10+ Year Member

joined:Feb 10, 2006
posts:627
votes: 0



so you guys mean that your logon password is not "password"? :)
11:22 am on Jan 31, 2008 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member 10+ Year Member

joined:June 12, 2003
posts:713
votes: 15


Now live at [openid.yahoo.com...]
4:23 pm on Jan 31, 2008 (gmt 0)

New User

5+ Year Member

joined:Jan 31, 2008
posts:1
votes: 0


With open-id you can set up your own server, and like single-sign-on every time you login, your details are passed to an authentication server.

This is not a 'everyone using the same password list' situation.

:-)

5:52 pm on Jan 31, 2008 (gmt 0)

New User

5+ Year Member

joined:Oct 10, 2007
posts: 39
votes: 0


Can you actually point Yahoo at your own OpenID server and login to Yahoo with your non-Yahoo OpenID, or is this an audacious attempt to make people use Yahoo for everything?

If you can't delegate from Yahoo to another server, then this is brain-dead: all it takes is two sites to refuse to delegate and you're stuck with two logins - bye bye Single Sign-on.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members