« Alternative energy: the next bubble

OpenID: first things first

Matt Mullenweg questions claims that OpenID is a workable spam blocking tool. Expanding on my comments there, I see at least three ways people are looking at using OpenID:

(1) As a way to prove you own the URL associated with your blog comment. This is the original problem that OpenID was designed to address, and although commenter impersonation isn’t a big problem for most blogs, OpenID is a great solution.

(2) As a way to identify yourself to a web site without having to create yet another username and password. This is web single sign-on, which addresses a real problem for those who want to easily use all the great web apps out there that aren’t part of Google/Yahoo/Microsoft (a big advantage of which is that you can then log in using their IDs, which you probably already have).

(3) As part of a way to calculate reputation, which can then be used to block spam or grant permissions. Other commenters point to ways in which OpenID is headed in this direction, but I think Matt’s point is that it isn’t there yet, and there are existing solutions that work reasonably well.

I think (2), web single sign-on, is by far the most compelling. It’s a big problem, and OpenID could be a big part of the solution. To me it makes a lot of sense to focus on getting some real traction for Web SSO before tackling the much tougher reputation / spam problem, which unlike Web SSO already has some workable solutions.

But looking at the progress of OpenID and Web SSO in general, what is the biggest barrier to widespread adoption? Lots of people talk about issues like security, technology, and usability, and these are all important. But as I’ve said before, the most important thing is to make it as easy as possible for site owners to adopt the system.

That means minimizing integration requirements and supporting the identity interfaces these sites already use. This is exactly what we’re trying to do at PrefPass, for OpenID as well as the other IDs that a lot of users already have: make it easy and risk-free for site owners to eliminate passwords for most of their users right now.

This entry was posted on Saturday, April 5th, 2008 at 8:21 am and is filed under Identity, Software. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Moderation is on, so your comment may not show up right away.