There is this great post from Stefan Brands of Credentica on his Identity Corner blog. This is perhaps the most complete compendium on OpenID problems I have seen so far. Most of these I had heard of before, but a couple surprised me. This should be required reading for anyone who is thinking about adding OpenID authentication to a site.
That’s not to say OpenID doesn’t still provide value. But you should know the risks and limitations involved so you can gauge how appropriate it would be for your site. For instance it does seem to be reasonable for authenticating for adding blog comments and editing Wikis. It does not seem appropriate for highly sensitive applications such as online banking. There is, however, a whole spectrum of applications in between.
0 responses so far ↓
There are no comments yet...Kick things off by filling out the form below.