OpenID is a specification for decentralized authentication of users on the Internet. It allows you to identify yourself to multiple OpenID-enabled sites while using only one password, the one that authenticates you to your OpenID provider, which can be your very own server. It’s a neat idea that moves us closer to a single sign-on implementation for the web at large. So far some pretty big names have committed to using OpenID, including Microsoft, AOL and, most recently, Digg. But, as with any new security protocol, it will take time to analyze it and discover potential vulnerabilities.
If you’d like to try it out for yourself, simply register at MyOpenID and go to a supported website (they will provide some examples after you register).
