 

What reasons are there NOT to use OpenID?

You see a fair bit (in the Geek community anyway) about OpenID. It seems like a good idea. I'm developing a website that will be targeted at a somewhat less geeky audience (but not quite Mom and Pops either) so I have to wonder if OpenID is going to be "too hard" for some audiences.

What do you think? That aside, are there any other technical or non-technical reasons NOT to use OpenID?

cletus asked Jan 03 '09 23:01




1 Answer

It may be slightly inaccurate to say that the average person doesn't understand OpenID.

In most cases, with a little persuasive marketing (ie "USE ONE LOGIN ON ALL SITES!!!11!") they can understand that it allows them to log in at sites using one login rather than having a bunch of different usernames and passwords at different sites.

The problem, however, is that to an average user, the whole OpenID experience goes against what they believe online security to be.

  • Users won't automatically trust it

    With normal username/password logins, users understand that a password should be kept secret, and that's what protects their privacy when they log in at a site. How are they to understand the exchange that goes on between an OpenID client site and their OpenID provider? All they know is they didn't have to put in a password (assuming they're "always logged in" at their OpenID provider) - so it's not secure, right? I mean, in the eyes of a user, how can it be secure if they didn't give a password? This can lead to user mistrust.

  • It makes phishing easy

    (Many) users know that it is wrong to re-use the same password for different accounts, yet this appears to be precisely what OpenID is doing. What if a user simply assumes that all their OpenID provider is doing is sharing their password with all participating sites? I mean, how else could OpenID be 'logging in for them' on all these sites? If the user assumes that through OpenID, their password becomes known to all participating OpenID sites, they may assume that it is quite reasonable to give out this password to any of those sites. It's a phishing nightmare. Imagine putting this phrase on your site: "Please enter your (some OpenID provider) username [ ] and password [ ]". You're phishing people already.

    We mustn't forget, too, that a user would be right in their suspicions in one regard even if for a slightly different reason: if someone gains access to their OpenID provider they gain access to their identity at all sites where they have used that identity, which is the same downside to using the same password at multiple sites.

  • It deviates too much from what users understand

    Having multiple usernames/passwords at different sites is not difficult for users to understand. Users understand the concept of usernames and passwords well, because they are used to them, and the point of security (the fact that the password is a secret) is really obvious to them. It's really clear how a password works. Having multiple username and password combinations does not make this any more confusing or complicated - it is just the same thing, but more than one of them. While remembering multiple passwords can be difficult, users at least know how to do it, and how it works.

    OpenID tries to solve the problem of remembering multiple passwords, but in the process it creates an entirely new paradigm, one which is completely opaque to the users. Unlike a password, whose security is obvious (it just has to be secret), all of the security of OpenID goes on behind the scenes, with sites communicating with each other, keys and hashes, etc. The user no longer fully understands how their privacy is being protected or what is to be kept secret from whom, because they don't understand how the system works. So, in an attempt to solve a problem of remembering multiple passwords, OpenID has created a mystical system of key-exchanges that violates the user's whole understanding of how authentication works and why it's secure.

thomasrutter answered Oct 11 '22 16:10
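The answer above describes the OpenID exchange as "sites communicating with each other, keys and hashes" that the user never sees. The following is an added example (not part of the question or the answer, and not any OpenID library's code) of what that exchange actually amounts to on the relying party's side for an OpenID 2.0 positive assertion with an HMAC-SHA256 association: the relying party checks that the response was addressed to it, that the expected provider signed every required field with the association secret the two servers agreed earlier, and that the nonce has not been seen before. What the code does not contain is the point the answer makes: at no step does the user's password reach the relying party, and a site that asks for the provider's username and password has left the protocol entirely. The provider and relying-party URLs, the association handle and secret, the nonce and the identifiers are all constructed for the example, and the provider side is simulated in `op_sign` so the whole thing runs offline.

```python
import base64
import calendar
import hashlib
import hmac
import time

OPENID2_NS = "http://specs.openid.net/auth/2.0"
OP_ENDPOINT = "https://op.example/openid"          # constructed provider endpoint
RP_RETURN_TO = "https://rp.example/openid/return"  # constructed relying-party return URL
# Constructed association secret, normally negotiated with the provider in an
# earlier 'associate' request and stored by handle. The provider holds the
# same secret; the user's password plays no part in this exchange.
ASSOCIATIONS = {"assoc-example-1": hashlib.sha256(b"constructed assoc secret").digest()}
# Fields the provider must sign for a positive assertion to be trusted.
REQUIRED_SIGNED = {"op_endpoint", "return_to", "response_nonce",
                   "assoc_handle", "claimed_id", "identity"}


def kv_form(params, signed):
    """Key-Value Form over the fields named in openid.signed, in that order,
    with the 'openid.' prefix removed: this is the exact bytes that get MACed."""
    return "".join(f"{k}:{params['openid.' + k]}\n" for k in signed.split(","))


def op_sign(params, secret):
    """Provider side, simulated so the example runs offline: HMAC-SHA256 over
    the signed fields, base64-encoded into openid.sig."""
    mac = hmac.new(secret, kv_form(params, params["openid.signed"]).encode(),
                   hashlib.sha256).digest()
    return {**params, "openid.sig": base64.b64encode(mac).decode()}


def nonce_time(nonce):
    """Epoch seconds from the ISO-8601 UTC prefix of a response_nonce."""
    return calendar.timegm(time.strptime(nonce[:20], "%Y-%m-%dT%H:%M:%SZ"))


class NonceStore:
    """Replay protection: a nonce is accepted once, and only near 'now'."""
    def __init__(self, max_skew=300):
        self.seen, self.max_skew = set(), max_skew

    def accept(self, nonce, now):
        if abs(now - nonce_time(nonce)) > self.max_skew:
            raise ValueError("response_nonce outside the accepted time window")
        if nonce in self.seen:
            raise ValueError("response_nonce already used (replay)")
        self.seen.add(nonce)


def verify_assertion(params, nonces, now):
    """Relying-party side: return the claimed identifier or raise ValueError.
    Note what is absent: no password is ever presented to the relying party."""
    if params.get("openid.ns") != OPENID2_NS or params.get("openid.mode") != "id_res":
        raise ValueError("not an OpenID 2.0 positive assertion")
    if params.get("openid.return_to") != RP_RETURN_TO:
        raise ValueError("return_to is not this relying party")
    if params.get("openid.op_endpoint") != OP_ENDPOINT:
        raise ValueError("assertion is not from the expected provider")
    signed = params.get("openid.signed", "")
    if not REQUIRED_SIGNED <= set(signed.split(",")):
        raise ValueError("provider did not sign all required fields")
    secret = ASSOCIATIONS.get(params.get("openid.assoc_handle"))
    if secret is None:
        raise ValueError("unknown association handle")
    expected = hmac.new(secret, kv_form(params, signed).encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, base64.b64decode(params.get("openid.sig", ""))):
        raise ValueError("signature does not verify")
    nonces.accept(params["openid.response_nonce"], now)  # replay check after the MAC
    return params["openid.claimed_id"]


def make_assertion(nonce, claimed_id="https://alice.op.example/"):
    """Constructed positive assertion, as the provider redirects it back to the RP."""
    return {"openid.ns": OPENID2_NS, "openid.mode": "id_res",
            "openid.op_endpoint": OP_ENDPOINT, "openid.return_to": RP_RETURN_TO,
            "openid.response_nonce": nonce, "openid.assoc_handle": "assoc-example-1",
            "openid.claimed_id": claimed_id, "openid.identity": claimed_id,
            "openid.signed": "op_endpoint,return_to,response_nonce,assoc_handle,claimed_id,identity"}


def run_demo():
    """A genuine assertion passes; a tampered identity and a replay are rejected."""
    nonce = "2009-01-03T23:01:00Zexample1"  # constructed nonce: UTC timestamp + unique suffix
    now, store = nonce_time(nonce), NonceStore()
    good = op_sign(make_assertion(nonce), ASSOCIATIONS["assoc-example-1"])
    results = {"valid": verify_assertion(good, store, now)}
    for label, msg in (("tampered", {**good, "openid.claimed_id": "https://mallory.op.example/"}),
                       ("replay", good)):  # replay: the same signed message a second time
        try:
            verify_assertion(msg, store, now)
        except ValueError as e:
            results[label] = str(e)
    return results


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k}: {v}")
```

Two details matter in practice. The MAC is checked before the nonce is consumed, so a forged message cannot burn a nonce the genuine response still needs; and `compare_digest` rather than `==` keeps the signature check from leaking timing. A relying party that has no association for the handle would fall back to a direct `check_authentication` request to the provider instead of raising, which this offline example omits.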