Welcome to WebmasterWorld Guest from 54.147.217.76

Forum Moderators: martinibuster

Message Too Old, No Replies

Yahoo Supports OpenID 2.0 Standard Single Log Ins

   
3:38 pm on Jan 17, 2008 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



In one of the most significant moves yet in the growing push toward service interoperability on the Web, tech giant Yahoo announced Thursday that it is supporting the OpenID 2.0 standard for a universal Internet log-in.

Yahoo, which counts its registered users at 248 million worldwide, says that supporting OpenID will mean that OpenID-compatible accounts are available to a total of 368 million Web users. When Yahoo's support of OpenID goes live, starting with a public beta launch on January 30, this will mean that a Yahoo ID can be consolidated into an OpenID account that will be valid at all partner sites.

Yahoo Supports OpenID 2.0 Standard Single Log Ins [news.com]

5:17 pm on Jan 17, 2008 (gmt 0)

5+ Year Member



Oh, I can see it now, people don't use hard passwords...then the hackers can get it ALL in one fell swoop. That could be a disaster for many. Well, it'll make hacker's lives easier, LOL.
7:45 pm on Jan 17, 2008 (gmt 0)

5+ Year Member



I have to agree with WiseWebDude. This seems like a bad idea.

How hard is it to just login to your favourite sites when you need them?

8:06 pm on Jan 17, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I dont think there is much of a safety issue here, most of the mainstream public use the same userId/password across different websites now anyway!...So why not legitimize (the practice) with a central userid provider (hopefully with a strict password requirement)
9:34 pm on Jan 17, 2008 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



So why not legitimize (the practice) with a central userid provider (hopefully with a strict password requirement)

OpenID is decentralised

Not sure what the effect of it is, but you can even run your own OpenID server and use it everywhere that supports OpenID,

11:27 pm on Jan 17, 2008 (gmt 0)

10+ Year Member



Out of curiousity, what would you propose instead of one centralized password, whether it be strong or weak? A different strong password for every single web service/site? Then people will just keep them written down on a piece of paper under their keyboard. Now every janitor and passerby is more dangerous than your "hackers".
5:46 pm on Jan 18, 2008 (gmt 0)

5+ Year Member



I suggest people use a GOOD password creator/filler. I use a good program (paid for) that makes them for me at 40 digits, upper/lower case + numbers, copy and paste; this way I never, ever type in a password. If people want to be stupid and use one password for all their stuff then I guess let them...I'll come in here and laugh my butt off when people are freaking out that their ENTIRE life on the net was wiped out with one password (sorry sounds mean, but true). It is STUPID IMHO. Not long ago I was reading in here where some people had their Google accounts destroyed because they had one password for ALL of Google and lost lots of $ in Adsense as well. I cannot tell you how many people have contacted me freaking out that their password was hacked and got into everything, DUMB.
2:10 pm on Jan 20, 2008 (gmt 0)

5+ Year Member



This seems like a good idea. Yahoo has long been a pain because it seems to require YahooIDs for far too much. It's not hard to sign into a few favourite sites, but Yahoo hasn't been a favourite site for me for a long time and probably never will be again, so I really can't be bothered putting it into a proper security manager and maintaining a YahooID. If I could use my OpenID there instead of a YahooID, I'd probably visit Yahoo more.

However, this news item makes it sounds like Yahoo won't be accepting OpenIDs where they currently use YahooIDs - they'll just be letting people use their YahooIDs as OpenIDs. That's nowhere near as useful.

I'll wait and see what actually happens on 2008-01-30.

9:27 am on Jan 31, 2008 (gmt 0)

5+ Year Member



...what would you propose instead of one centralized password...? ... Then people will just keep them written down on a piece of paper under their keyboard. Now every janitor and passerby is more dangerous than your "hackers".

Janitors can't hit 1,000,000 houses in an afternoon. 15-25 tops and the chances that they find the pieces of paper with the passwords are, let's be fair, 10%.

10:22 am on Jan 31, 2008 (gmt 0)

5+ Year Member




so you guys mean that your logon password is not "password"? :)
11:22 am on Jan 31, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Now live at [openid.yahoo.com...]
4:23 pm on Jan 31, 2008 (gmt 0)

5+ Year Member



With open-id you can set up your own server, and like single-sign-on every time you login, your details are passed to an authentication server.

This is not a 'everyone using the same password list' situation.

:-)

5:52 pm on Jan 31, 2008 (gmt 0)

5+ Year Member



Can you actually point Yahoo at your own OpenID server and login to Yahoo with your non-Yahoo OpenID, or is this an audacious attempt to make people use Yahoo for everything?

If you can't delegate from Yahoo to another server, then this is brain-dead: all it takes is two sites to refuse to delegate and you're stuck with two logins - bye bye Single Sign-on.