The OpenID Foundation will open the doors to the third OpenID Summit on Monday, September 12, 2011 around noon. Of course, you won’t be there, because you’ll be attending or livestreaming the TechCrunch Disrupt conference, but that doesn’t mean it won’t be interesting.
The event, which is co-sponsored by Microsoft and will be held at its Research Campus in Mountain View, will be used as the launch platform for Account Chooser, which is billed on the accompanying website as an “open standard and user interface guidelines for the next generation of web sign in”. The Account Chooser website, which went live rather quietly, was first spotted by Fusible. → Read More
Last week, as we rolled out our new Facebook Comments system, we noted that two useful options were pulled at the last second: Twitter and Google login. And today brings more proof of that: the code still exists and works in the comment plugin itself!
As dug up by Inside Facebook, a simple line of JavaScript can add back in the option for users to log-in with their Google and Twitter credentials from the Facebook Comment widget. And you can also enable MySpace and OpenID logins as well. In other words, many of you could get your wish, and be able to use something other than Facebook or Yahoo logins to comment on TechCrunch. → Read More
Google just made it easier for people with Yahoo accounts to sign up for a Google account. With one click, you can now use your Yahoo credentials to sign up for a Google account such as Gmail, Google Docs, Google Reader, or even AdWords. The one-click sign-up is done using OpenID, which both Google and Yahoo support. It also uses the OAuth authentication method quickly becoming the standard across the Web (it is the same one Twitter uses with third party apps and sites).
The idea is that instead of signing in with your Yahoo ID, and then clicking off to your Yahoo mail to click on a verification link, a button just takes you to a sign-in page on Yahoo, which verifies your account to Google, and then sends you back. It is a much more civilized way to sign into a site using an existing ID. Google first combined OpenID and OAuth back in January, 2009 with Plaxo on a test basis. → Read More
As part of its push to go more social, Google has been attempting to unify its various account profiles into one Google Profile. And now it’s more useful. Google’s Brad Fitzpatrick has just tweeted out that Google Profiles can now be used as OpenIDs.
What this means is that you can sign into any site that accepts OpenID simply by using your Google Profile domain. Luckily, a few months ago Google started allowing these profiles to have vanity URLs, like /mgsiegler, instead of the previous /32090329039402903. Chris Messina, a huge proponent of the open web movement, has just sent out a picture of what signing in with OpenID via your Google Profile looks like (below). → Read More
During the video interview with OpenID evangelist Chris Messina I recorded earlier this year at a German conference about the state of OpenID, he expressed his wish that the Obama administration would soon start to embrace the decentralized, single sign-on method as a way for citizens to engage with the U.S. government online. Four months later, it looks like his dreams are becoming reality.
Later this morning at the Gov 2.0 Summit, Federal Government CIO Vivek Kundra will talk about data.gov and other governmental transparency initiatives, and will also be making an announcement regarding the launch of a open identity initiative featuring the use of both OpenID and InfoCards in a special pilot program.
Make no mistake about it: this has the potential to change the way citizens participate in and communicate with the U.S. government. → Read More
There’s some excitement around the web today among a certain group of high profile techies. What are they so excited about? Something called WebFinger, and the fact that Google is apparently getting serious about supporting it. So what is it?
It’s an extension of something called the “finger protocol” that was used in the earlier days of the web to identify people by their email addresses. As the web expanded, the finger protocol faded out, but the idea of needing a unified way to identify yourself has not. That’s why you keep hearing about OpenID and the like all the time.
But those standards, while open, have failed to latch on in a meaningful way with the public at large. One of the holdups is that you have to set up a website or service you use to be your OpenID. It’s relatively easy to do, and you may already have one ready to go, but just not realize it. But it’s still kind of tricky to explain to a regular web user — wait, you login with your website? → Read More
In an e-mail to its user base and with a short notice on its main website, FreeYourID has announced that it will be shutting down its service after nearly two years and a half in business. After August 15, the web service will be discontinued without a hint of explanation about the reason for the folding, although we suspect it may have something to do with VeriSign taking over the service’s main backer late last year.
When FreeYourID launched in February 2007, we dubbed it a personalized OpenID, because it allowed users to register a unique .name domain name (e.g. first.last.name) which in turn could be used as a custom, personal OpenID identifier, website URL and e-mail host. Alas, it never got any significant traction. → Read More
It’s one thing when Internet companies like Facebook adopt OpenID, it’s another when a giant retailer like Sears Holdings Corporation embraces it. Sears has just announced that it will enable over 1 million monthly MySears and MyKmart visitors to use their Google, Facebook, MySpace, Twitter or other accounts to log into the community websites, enabling them to write product reviews and share information about products and services without the need to create a separate account.
Customers will also get access to special offers and coupons in return for their participation in the community. → Read More
Bad news for Portland-based Open-ID startup Vidoop (as well as Vidoop partners like AOL, MySpace and Flock): it’s apparently out of business. Earlier this month the company announced layoffs, but based on an email string that was forwarded to us, the company is now “officially out of business” and winding down.
From CEO Joel Norvell to Vidoop insiders, where he says that the company has no funds to pay wages or other liabilities, and that employees are being offered computers in lieu of wages: → Read More
The last video interview I did at the Next09 conference in Hamburg that I wanted to feature here on TechCrunch is the conversation I had with mr. Captain Web 2.0 himself, open web advocate Chris Messina. Besides his involvements with Citizen Agency, the DiSo Project and Vidoop, Messina somehow finds the time to also be closely involved with the OpenID Foundation as a board member and persistent evangelist, so we talked about that a little.
Messina and I talked about the current state of OpenID, the love from Facebook, how he hopes the government will once become a massive relying party, the challenges ahead and more specifically if OpenID has a chance against Facebook Connect, Google Friend Connect, Twitter Connect, etc. → Read More
Apparently it’s embrace the developer community day at Facebook. In addition to the news that they are making activity stream data available to third party developers, they’ll also be making an announcement around OpenID, we’ve heard. And importantly, the announcement is that they’ll become what’s called a relying party, meaning anyone with an OpenID (Yahoo, Google, AOL, MySpace are all issuers, and Microsoft is in beta) can create and log into a Facebook account using those credentials.
Let me take a step back. OpenID is a distributed single sign on solution that allows people to sign into different services with the same login credentials. There are two ways companies/websites can participate in the OpenID framework – as “issuing parties” or as “relying parties.” Issuing parties make their user accounts OpenID compatible. Relying parties are websites that allow users to sign into their sites with credentials from Issuing parties. Of course, sites can also be both. In fact, if they aren’t both it can be confusing and isn’t a good user experience.
All the big guys are now Issuing Parties, which allow their users logging in all over the Internet with those credentials. But none of them accept IDs from anywhere else, so anyone that uses their services has to create new credentials with them. It’s all gain, no pain. There are two exceptions – AOL Mapquest and Google’s Blogger – but for the most part the big guys are issuers, not relying parties. And that has led us in the past to accuse them of exploiting OpenID for their own benefit without giving back to the community. See our post Is OpenID Being Exploited By The Big Internet Companies?
→ Read More
This guest post is written by Kevin Marks, Developer Advocate for OpenSocial at Google. Over the last 20 years he has alternated between giant companies and founding startups – BBC, The UK MultiMedia Corporation, Apple QuickTime, Technorati and now Google. He is one of the driving forces behind microformats.org and advisor to the Open Rights Group. He wants you to remember that URLs are people too, and his URL is http://epeus.blogspot.com. In this Q&A-style post, Kevin delves into the standards that make up the emerging open social stack (OpenID, OAuth, Portable Contacts, and OpenSocial), looking at the infrastructure problems they address, and exploring some of the live implementations, including Plaxo and Google Friend Connect. Q: We keep hearing that “Google wants to make the web more social.” What does that mean? Everything on the web is more interesting when it takes place with friends. Today’s social networking sites, are the online contexts where you and your friends go to be social, and the time we spend on them shows the attraction. But the model of going to a single website to interact with other people is changing. In the future, we expect everything on the web will become more social, augmenting the many things you already do on the web. Whether you’re shopping, deciding what to read, or researching a topic, knowing what your friends, or family, or the people you respect think about that product, book, or source of information is a vital part of the web. I call this the “social cloud,” meaning that “social” will be integrated with the web so that you don’t think about it anymore. Charlene Li calls this same idea “social networks become like air.” The web itself is like this — following links seems like second nature to us because we know a URL can take us anywhere. Social isn’t there yet, but that’s the highest level goal of the OpenSocial project — to make interacting with people a natural part of how we use the web Q: What are the hurdles to the web becoming more social today? For every website to become social, each site needs to know something about you and who your friends are. How do they solve this now? By asking you to fill out a form and by spamming all your friends. For many people, that’s enough of a deterrent that they will simply leave the → Read More
The OpenID Foundation has just announced that Facebook’s Luke Shepard will be joining the OpenID board as a corporate member, and that Facebook has made a $50,000 donation to the cause. The news marks the first time Facebook has officially signed on with the campaign, though some of its employees have been actively involved with improving the open standard for some time. At this point it’s unclear exactly what change this will bring to Facebook. Facebook’s increasingly popular Connect product, which allows users to secure use their Facebook ID’s as logins across over 4,000 sites (including ours), is a closed and proprietary system. But it is also very well designed – members from the Facebook Connect team have given several talks in the hopes of improving the OpenID effort, and are holding an event on the topic next week. From Facebook’s development blog: As we’ve launched and built Facebook Connect, we’ve been participants in OpenID efforts. One of our user experience experts, Julie Zhuo, presented at the UX Summit in October. Several of our engineers have been participating in meetups, and one of them ran as a community member for a board seat. We’re happy to announce today that we are formalizing our support of the OpenID Foundation by officially joining the board. It is our hope that we can take the success of Facebook Connect and work together with the community to build easy-to-use, safe, open and secure distributed identity frameworks for use across the Web. As a next step in that effort, we will be hosting an OpenID Design Summit next week here at Facebook headquarters in Palo Alto. Facebook is apparently “building up momentum towards their adoption of OpenID as a standard”, but that too is ambiguous – many companies have signed on as “issuing parties”, meaning they’ll allow their IDs to be used elsewhere. But far fewer have been “accepting parties”, which means that accounts from other sites can be used to log-in to their services. OpenID has long been exploited by major internet brands who have pledged support to the cause (and reaped the positive press), only to put their plans on the backburner indefinitely. That said, even if Facebook doesn’t wind up implementing OpenID, it sounds like they’ll at least help make it a little easier to use. → Read More
Today, Google and Plaxo released a hybrid protocol that combines OpenID, the open online identity standard, with OAuth, the secure data portability standard. Too often, when a Website wants to import your contacts from another Web service, it asks for your login and pasowrd credentials. OAuth gets around that by sending you back to the original site where you login and authorize the one-time transfer of data. It is much more secure. And now it works with OpenID.
So far, this is just a test between Plaxo and Google, where a Plaxo member can invite someone via Gmail. Plaxo marketing VP John McCrea argues that this approach is: → Read More
You may not know it, but you probably have an OpenID. If you have a Yahoo account, you have an OpenID. If you have a Windows Live account, you will soon have an OpenID. And today, if you have a Google e-mail account, you can also start using your Gmail address as an OpenID.
By joining the OpenID movement, Google completes the trifecta and adds all of its Gmail users to the hundreds of millions of Yahoo and Windows Live accounts that can also be used as a single login for any Website that accepts OpenID. While Google is more than happy to become an issuer of OpenIDs, what is not so clear is whether it will accept other OpenIDs for people who want to sign up for Google services. → Read More
Login standard OpenID has gotten a huge boost today from Microsoft, as the company has announced that users will soon be able to login to any OpenID site using their Windows Live IDs. With over 400 million Windows Live accounts (many of which see frequent use on the Live’s Mail and Messenger services), the announcement is a massive win for OpenID. And Microsoft isn’t just supporting OpenID – the announcement goes as far as to call it the de facto login standard.
The news parallels Yahoo’s announcement in January that users would be able to use their Yahoo IDs on any OpenID site – a move that instantly tripled the protocol’s potential user base. But it also comes with the same caveat that we had with the Yahoo news: while Windows Live accounts will work for logging into other sites, it’s unclear if Live will become a “relying party” that would allow users to login with third party OpenIDs.
Bill Gates initially pledged support for OpenID in early 2007, but the company has been slow to actually implement it (unfortunately this has been a trend in the industry). For now Live’s role as an OpenID provider is in testing, with widespread support planned for “sometime in 2009″. If you’d like to try it out now, check out the instructions on the blog post here. → Read More
Editor’s Note: This post was contributed by John McCrea, VP of marketing for Plaxo, which is at the vanguard of the data portability movement. He also blogs at The Real McCrea and does a weekly video podcast about “opening up the Social Web” together with Joseph Smarr, David Recordon, and Chris Messina at The Social Web TV. As some of you know, I am a strong advocate of an evolution from the “walled garden” model of social networking toward an open Social Web, characterized by interoperability and data portability. Along the way, I have been both a cheerleader for all of the building blocks of the new “open stack” (including OpenID, OAuth, XRDS-Simple, microformats, Portable Contacts, and OpenSocial) and one of the most vocal critics of Facebook. Over the past two years, I have never missed a chance to point out Facebook’s absence from any key event or announcement around the “open” movement. And I’ve tried many different techniques to encourage Facebook down the open path, some more controversial than others. But I had an “aha moment” on Monday of this week at a rather historic event that could only happen in Silicon Valley – a User Experience (UX) Summit for OpenID which brought together representatives from Google, Yahoo, MySpace, Microsoft, AOL, Plaxo, and others. The stated reason for assembling this group, most of whom are in direct competition with each other, was in reaction to recent usability studies on OpenID (one by Yahoo and one by Google), which made it clear that the current implementations of OpenID are confusing to mainstream users. The unstated reason that fifty of us packed together, shoulder-to-shoulder, was to muster a collective response to Facebook Connect. You see, it’s been about a month since the first implementation of Facebook Connect was spotted in the wild over at CBS’s celebrity gossip site, TheInsider.com. Want to sign up for the site? Click a single button. A little Facebook window pops up to confirm that you want to connect via your Facebook account. One more click – and you’re done. You’ve got a new account, a mini profile with your Facebook photo, and access to that subset of your Facebook friends who have also connected their accounts to TheInsider. Oh, and you can have your activities on TheInsider flow into your Facebook news feed automatically. All that, without having to create and remember a new username/password pair → Read More
Verisign’s new Personal Identity Portal (PIP from now on) isn’t the sexiest application out there to help you manage passwords. But it has Verisign’s strong reputation for security behind it, and it is a surprisingly easy way to manage website credentials. PIP is a a single sign in solution that supports both OpenID (you are issued a Verisign OpenID) and direct sign in to a number of supported websites. If a site doesn’t support OpenID, login is handled by populating the username and password fields directly. So far, PIP isn’t much different than the previously covered Clickpass and other solutions. It supports a lot more sites, however. And it also handles signin directly from a bookmarklet that resides directly in the browser chrome. Being Verisign, they’ve also added optional support for two factor authentication. Users can choose to receive a unique one time security token for each login, and/or get a browser-side certificate. Most users will find this overkill. From a usability standpoint, the biggest drawback is the need to stay logged in to an active PIP browser session. Users could set it to their home page, I guess, and make it the first sign each time they use their browser. One use case that is particularly compelling – mobile devices. Verisign says iPhone support is coming very soon – Verisign says they are experiencing “a few challenges with certificates on the iPhone Safari.” A last, possibly unintended feature: the pop up box is a great easy navigation tool for much-visited sites. → Read More
MySpace is rolling out a couple of announcements this morning a day ahead of Facebook’s F8 developer conference. The first is confirmation of our story that they are supporting OpenID, although they aren’t releasing any details (It’s our belief that they will first issue OpenID IDs, and possibly become a relying party later). The company is also announcing the launch of two new Data Availability integrations: Flixster and Eventful (we built what we believe is the first Data Availability app last month). MySpace is also making a core policy change to Data Availability. Previously third party services were not allowed to store any MySpace user profile information at all – they simply requested it from MySpace, used it to create a web page and then dumped it. Now MySpace is allowing 24-hour caches of profile information, and permanent caches of certain “core elements” of a user profile. Screen Shots: CrunchBase Information MySpace OpenID MySpace Data Availability Information provided by CrunchBase → Read More
San Francisco, CA
