Comments on: I want my OpenID

By: Slow technology adoption = adoption nonetheless » 16th letter » Blog Archive

Tue, 27 May 2008 21:57:57 +0000

[…] and on walks through the woods. People who try to own or control the conversation, whether by requiring a complicated registration processes or demanding that the conversation happens when and where they want it to, are going to […]

By: Matt

Matt — Tue, 29 Apr 2008 20:05:41 +0000

Sorry, the tags did not get posted. Wrap these with the less-than and greater-than symbols…

link rel=”openid.server” href=”http://www.myopenid.com/server”

link rel=”openid.delegate” href=”http://username.myopenid.com/”

By: Matt

Matt — Tue, 29 Apr 2008 20:04:50 +0000

I had an ah-ha moment when I realized that I can use simple tags in my own site to maintain my OpenID. This is great because my OpenID may change, but my personal URL probably will not.

By: mechanical_fish

mechanical_fish — Tue, 29 Apr 2008 16:58:56 +0000

The program that you’re looking for is called “1passwd”. You may have to buy a Mac to use it. I’m sure there’s a near-equivalent for Windows; if not, someone should write it and make a killing.

Alternatively, you could just do what every other user does and use the same password — or a password generated using a simple formula based on which site you’re logging in to — for every site like this one. I wouldn’t do that for your bank or your taxes or — god help you — your email login, but who cares if your AllThingsD account is compromised? What is the worst an attacker can do?

By: Shannon

Shannon — Tue, 29 Apr 2008 16:36:34 +0000

My solution might be helpful :-)

I used to keep a spreadsheet of usernames and passwords. I password protected it (with a password I knew I wouldn’t forget and much to the dismay of my husband (the security freak) I printed it and hid it in my office where I figured only I would find it when need be. I didn’t like the maintenance of my spreadsheet so I came up with a different plan.

Almost all websites allow 8 character passwords and increasingly they are requiring numbers and special characters in your password which ultimately makes it more secure. I came up with two password combinations that I use on every site depending on whether they allow/require a special character.

For example I will always try to use the more secure password first “action@1” (obviously not my real password) but if they don’t allow special characters I try “action01”. 99% of the time they accept one of the two passwords. Therefore I only have to remember two possible combos except for the rare occasion that I have to deviate from my usual passwords but since it’s rare I usually remember it….or if you’re so inclined you could document only the exceptions on your spreadsheet…which would still reduce time spent documenting your passwords.

By: Sean Brunnock

Sean Brunnock — Tue, 29 Apr 2008 15:39:39 +0000

Presumably, these websites want to verify your email address. If you sign up with OpenID, the websites won’t know what you email address is and won’t be able to communicate with you. If you want websites to communicate with you, then you’ll have to reveal your email address and honest websites will want to verify that it is your email address. I don’t see how OpenID remedy this situation.