Is OpenID Living Up to Our Expectations?

I like signing up with my google account to other sites like stackoverflow for example. It's just easier. Maybe it's not smooth or optimal but it works.

Don't listen to those people, they're complainers.

Glad you like it. Your argument that we're "complainers" is very well thought out and compelling - however I might suggest that you give a read to the articles cited. As mentioned, I was a proponent - not anymore.

Finally - what you like is federated single sign-on with Google. Not Open ID. I like that too. I don't like Open ID. It's been mangled and held hostage.

As Duraid said, StackOverflow makes great use of it. No many sites using it though.

And about this:

The user doesn't need to know it's OpenID (Google, Yahoo, AOL), or OAuth (Facebook, MySpace, Twitter), or proprietary (Microsoft, etc).

You may bash OpenID as much as you please but I almost gave up on posting this comment when I realized I had to register first. I started laughing as the situation actually. Only the fact that I remembered I already had an account made me stay on the site and participate in the discussion. Maybe I should say "I like federated single sign on" or whatever, but I like what OpenID gives as nevertheless.
Also, the website I'm developing at the moment supports OpenID. It was one of the first features I implemented. Registering over and over sucks harder than anything else on the web. Maybe OpenID is a solution with many flaws but it still solves the biggest issue.

I've been on the Yadis/OpenID mailing list at the very beginning. I've even implemented an early consumer library. But I gave the protocol up quickly after it became apparent the designers had neither competency in HTTP, nor usability, and actively fucked any potential privacy advantages of the scheme.

There's one important aspect of OpenID that needs to be pointed here. It was never intended as general login and authentication protocol. It's original purpose was to be a homepage URL verification service. The targeted user base were bloggers who did want to reliably identify each other. And that's not just semantic hair-splitting.

After its rise in adoption OpenID was reinterpreted and repurposed as login framework. But URLs (or URIs as the hipsters say) were at the very core of the protocol. Which makes it a big failure for use by the general population. A nice login UX with provider logos and just a login name cannot conceal this.
There were many advocates for user@provider handles and other usability features from the start. But this was ignored until recently with OpenID3/WebFinger. But I guess it's way too late and cannot make up for the other issues either. Let's hope it fades away soon, because it's blocking the way for alternatives. (OAuth isn't. And even as Microsoft-basher, I have to admit they might have the better alternative with Passport/Cardspace.)

As a user, I have been tired with endless register form, ask me to type a unique userid, type password twice and ensure it's strong enough, and at last, a captcha makes me to waste lot time to retry, retype password again and again, WTF experience ! OpenID just makes it easier, I use myopenid which offer me a easy-to-remember url and I can just create my account with two or three steps .

As a developer, I would like to prefer openid as a high uniformed standard available by several providers instead of some vendor-specific solutions.

I am also tired with endless register form, userId, Password, confirmation email ...
There is a problem and a growing one as there are more and more site to register to.

I use OpenId and Google Account. It is not perfect but it saved me 2 or 3 registrations. I am implementing SAML/Shibboleth so I know SAML better than OpenID. They really thought about privacy and federation.

I don't care which solution is use as long as it works well and avoid me to register on all the sites I want to interact with.

I had a blog on blogger.com : jradix.blogspot.com

I have created accounts on many sites with my Blogger OpenID : jradix.blogspot.com/

I have bought a domain name for my blog : www.jeromeradix.com

Now, when I want to log onto sites where I have an account, when I enter jradix.blogspot.com/ as my openID, it is redirected to jeromeradix.com and the site now wants to create a new account !
I have no way to tell the site that I want to associate this new openID to my old account.

The only way to do it is to change my blog back to jradix.blogspot.com, then log onto the site with my OpenID. If the site allows me to add new openIDs, I can switch my blog to jeromeradix.com (while I'm connected using jradix.blogspot.com) and then, on the site, add jeromeradix.com as a new OpenID.

So, when designing a site with OpenID, at least allow your users to have many openIDs associated to one account. Thanks !

This is not only a Blogger.com problem, it's a problem when you don't want to be locked to only one OpenID hosting service.

UPDATE : I've found a way to bypass the problem.

See this :

blog.stackoverflow.com/2009/01/using-your-own-u...

Hi milki milki, would you be so kind as to edit your preferences and include your real name? We have a real name policy on the site to encourage open and serious discussion.

thanks,

Floyd

It's a problem that there are so many openid providers, it's also a problem that someone has no google account(?) or other account.
but I like singing up with google account. If there are other openid providers for me to choose, I will confused.
Maybe that is the site's problem, not openid's

OpenID only gives standard information such as username & mail id. Now my sales guy wants additional user information such as Company, Geography & contact details specific to the site.

So lets put another registration screen after login to get these and make sure that the user runs away from the site forever. Great technology!

Personally I am tired of having one account per site. I cannot manage to remember all the usernames and passwords. OpenId serves a real need, and the argumets here against it is from vendors point of view and weak. For example:
- Proponents [of OpenID] are literally expecting people to sign up for yet another third-party service, in some cases log in by typing in a URL, and at best flip away to another branded service's page to log in and, in many cases, answer an obscurely-worded prompt about allowing third-party credentials, all in order to log in to a site.

Every body has a Yahoo or gmail or Facebook account. so it is not really a problem. Plus if I choose a bad OppedId provider, it is my own problem

- What we've learned over the past three years is that it didn't actually make anything any simpler for the vast majority of our customers. Instead it just made things harder. Especially when people were having problems with the often flaky OpenID providers and couldn't log into their account. OpenID has been a burden on support since the day it was launched.

I didn't use basecamp heavily, but I loved the fact that I shouldn't remember yet another password for it! It seems that in this paragraph the main argument is the last one, maybe they shouldn't worry about supporting all that flaky providers.

- The OpenID login is hard to find on 37signals’ interface

Soooooo, is it the OpenID's fault and we should ditch it completely?

and so on