It’s been a big week for OpenID, the idea that Internet users should be able to use a single username/password combination to login at any site, all via an open source protocol.
Earlier this week Microsoft (MSFT) called OpenID a “de facto standard” and pledged Windows Live ID support for the idea, and today Google (GOOG) added their voice to the chorus. With the two new Internet giants now behind OpenID, expect many more sites to begin deploying code to support incoming OpenID logins.
It’ll never happen — at least not the way it’s promised. For better or for worse, OpenID is one of those utopian ideas championed by “open”-type nerds — one that in actual practice never lives up to the “this will change everything” hype. Kind of like Linux as a consumer OS.
Google, for instance, is only going so far as to say they’ll support using your Gmail address to login into websites Google doesn’t run. In a true OpenID world, you’d be able to login to google.com with with a Yahoo (YHOO) or Windows Live identity, something we don’t yet see any sign of Google supporting. Likewise, we don’t yet see Microsoft accepting incoming OpenID logins from Google, nor Yahoo from Google, etc.
Confusing? That’s exactly the problem.
Why is why we don’t think OpenID will ever work as designed. Instead of creating an open-source “no one owns it” identity solution, the OpenID push will likely mean more small players will accept incoming logins, while the biggest players in identity management (Google, Yahoo, Microsoft, AOL) consolidate their hold on users. Which, as profit-minded competitors, they probably should. Not exactly the OpenID dream. But not surprising.
(For a longer, more entertaining essay abut OpenID’s myriad problems, see Ted Dziuba’s excellent “OpenID Is Why I Hate The Internet.”)