Too Many Passwords? Try OpenID.

As time moves on, and we all sign up for more and more web services, inevitably we're going to forget the various usernames and passwords we're forced to use to keep our personal information at least moderately protected from the possibility of identity theft or worse.

Not all sites make it easy to retrieve lost account information either - as I just found out myself with one credit card site that asked me for a "security word" without giving a hint. So what's an internet user to do?

Fortunately, where there's a need, there's generally a move to fill it. And so too with this need for a single sign-on for multiples sites.

Back in 2005, the creator of the blog farm LiveJournal developed the first version of OpenID - as a distributed mechanism for providing users with a single digital identity backed by robust security. The system was based on Light-Weight Identity (LID) that LiveJournal created jointly with NetMesh Inc. and Cordance Corp.

Anyone with an OpenID account can sign on to any of thousands of websites that use the system - including a growing number of major service providers like AOL, LiveJournal, WordPress, Microsoft, Yahoo and MySpace.

There are older single sign on systems like Windows Live ID (formerly Microsoft Passport), but using such enterprise systems requires handing your privacy and security over to a system solely controlled by a single corporation, while OpenID is decentralized between many certified ID providers - some corporations, some non-profits. OpenID itself is overseen by the non-profit OpenID Foundation.

Understanding how the OpenID system works is straightforward as long as you don't try to look under the hood too much.

First you sign up with an identity provider, which could be an established security company like VeriSign (as used by your pals here at Prometheus Labor Communications) or your own server if you choose to participate in the program. After providing your basic information, you are given a special URL (for example, YourName.VeriSign.Com). You can then sign into any OpenID site by providing that URL, then signing in via your identity provider - not the site you're signing into. Your identity provider exchanges verifies you to the site you're signing into. And that's it. You're in.

It has been said that OpenID together with microformats (discussed earlier this week in the distributed social networking post) will kill Facebook and other corporate social networking sites. That remains to be seen. But it looks like a great idea for labor to field its own OpenID identity provider sites - and provide OpenIDs for labor users, who may not otherwise trust the system at first.

As more labor folks start to use OpenID, there will be a great incentive for various unions and affiliated organizations to allow people to sign in using the system. Which would be a win-win for labor sites and labor users alike.

For more information, check out the following sites

http://openid.net/
http://en.wikipedia.org/wiki/OpenID
http://www.slideshare.net/maxmanders/an-introduction-to-openid
http://yadis.org/wiki/Main_Pagehttp://simonwillison.net/2007/Feb/25/six/ " rel="nofollow">
http://simonwillison.net/2007/Feb/25/six/ " rel="nofollow">http://simonwillison.net/2007/Feb/25/six/