

Bringing OpenID To The Masses: Clickpass (YC summer 07) - immad
http://www.techcrunch.com/2008/03/11/clickpass-could-change-the-way-you-surf-the-web/

======
immad
We are on Disqus, news.yc and plaxo at the moment.

If you want to skip the intermediate pages, <http://disqus.com/login> and
<https://www.plaxo.com/signin> :)

~~~
dfranke
I can't seem to get this to work on news.yc, at least with my self-hosted
OpenID (<http://openid.dfranke.us>). I go through my portal and then the
Clickpass portal and get redirected back to a news.yc closure URL, but it just
gives me a blank page and doesn't log me in.

~~~
immad
I just found a workaround and fixed it. Sorry for the delay

------
wallflower
>Naturally some concerns arise with any centralized login system. Doesn’t this
mean a thief only has to steal one password, your Clickpass password?

Clickpass with two-factor security (e.g. SecureID) might be worth paying a
subscription fee for

------
rglullis
Seems to me now that the HN post yesterday on Techcrunch was more of a
preparation to announce Clickpass and lure more TC users on its service.

Nice one-two movement.

~~~
pg
I assume you're joking, but in case you're not: it was a coincidence. We
didn't ask to be TechCrunched.

~~~
rglullis
It was just an observation. I think it is even better that it was a
coincidence. As the saying goes: "the harder you work, the luckier you get".

But even if it wasn't, I couldn't say that there was something unethical or
shady about it. Sorry if it seemed that I was implying something like that. It
was far from my intention.

~~~
SwellJoe
TC has always been very kind to YC and its startups. They seem to take the
view that startups are going to have a hard enough time without their first
media appearance ripping them apart over the usual early startup pains and
problems. TC readers that comment, on the other hand, are like a more vicious
and less literate TMZ that somehow views startups profiled at TC as "the other
half" who don't have to work for a living. Not entirely relevant to this
thread, but I've been pleasantly surprised by how nice the TC folks are in
print and in person, and they're enthusiastic about the whole YC concept.

------
axod
For me, the whole idea of openID is flawed from the start. Why would I want
_one_ point of failure? Why would I want to use the same login details for
every site I go to? That's kind of a very bad idea.

Sorry, but the whole openID thing seems like tech people making tech things
that they think are technically impressive. Rather than things that are useful
or solve problems for the average Joe.

There are enough password reminder/generator addons/programs etc, and most
browsers have such functionality these days.

Am I missing something?

~~~
bct
1\. 99% of people use the same login details on every site they go to anyways.
That's not likely to change. For those people OpenID is actually more secure,
since their password is only ever exposed to one site.

2\. Your email address is already a single point of failure for any sites with
a "Forgot my password" function.

IMO an OP can be made secure enough that the benefits of OpenID outweigh the
severity of a possible breach (at least for non-critical transactions).

~~~
axod
Good points. So I guess the challenge is either to convince users that OpenID
gives them some advantage to just using their same old login details, or
convince website owners that it is a good idea. I guess we'll see how it works
out...

------
greg
And it works with news.yc.

~~~
benhoyt
Actually, it didn't for me. I click on "log in", then click the Clickpass
drop-down, type in my own OpenID, it goes through to MyOpenID and verified
that.

Then it takes me to the "merge with your existing Hacker News account", and I
type my correct username/password, but then I get redirected back to News.YC
and a blank page at something like
<http://news.ycombinator.com/x?fnid=j3tO1pS8ox>

~~~
thorax
A friend of mine had this same issue

~~~
immad
hmm, I see what the problem is.

My apologies, arc is a tricky language :). I am going to fix it and hopefully
pg will be able to push it soon.

~~~
immad
It works if you are logged in to Clickpass btw. But it was a mistake, gonna
fix it :)

------
pc
Congrats! Clickpass is going to be big.

------
tlrobinson
I can't seem to get my news.yc username linked up to my OpenID. I login to my
OpenID provider, then get to the point where I enter my news.yc username and
password, but then it takes me to a blank page on news.yc. :(

------
jey
Looks like logging in with the AOL OpenID provider doesn't work on news.yc. I
don't know if this is a news.yc bug or AOL OpenID bug.

------
spif
Clickpass feels more like a single-sign-on service, wasn't the purpose of
OpenID to negate this? Or am I missing something here?

~~~
petenixey
Hi Spif. Clickpass is a single-sign-on service. It's built on the OpenID
protocol.

~~~
spif
Thanks, I did get that part :-) I'm wondering though why this would be a
success where MS passport failed. Because it's not evil? Is usability the only
left that hampers uptake of openID?

~~~
alexfarran
Well I haven't had an OpenID until now.

Here's what I think you're saying: A feature of OpenID is that, unlike
passport, there is more than one ID provider. With Clickpass, although you can
use a generic OpenID the normal way, it works best if you have a Clickpass
account.

~~~
petenixey
That's a pretty good description Alex. We've tried to minimise the feature set
and whilst we've made sure that people can use their own OpenID if they want
to we figure most users won't. If it turns out that they do we'll switch to
making it an automatic feature.

------
bosshog
Peter Nixey: The UK's prodigal son, no? Congratulations to Clickpass. Looks
like a good service.

------
dhouston
great writeup -- congrats peter and immad!

------
tx
How do YC companies get on TC so easily?

~~~
dcurtis
Because Michael Arrington is in love with Paul Graham.

It's a secret affair, of course.

------
herdrick
Great stuff, way to go Peter and Immad!

------
maxwell
I like it. Congrats guys.

------
poppysan
this is gonna lead to a lot of dumb old ladies sending you spam because they
gave away their password. Can't wait!!!

