

OpenID worth implementing? - KevinMS

A few users (very few) are asking us to implement OpenID on our website.  It seems just a little while ago everybody was talking about it.  Now I never see anything about it except for the occasional login.<p>We don't want to know if its 'cool' to implement it, easy to implement, or if its still the latest hotness.  We're curious about actual stats.  Do people actually use it, or is it just a few evangelist who would just a soon use a regular login if they had to?<p>Be honest, is it just the hacker crowd that uses OpenID? People that will abandon you in a second if your competition suddenly offered an iphone app with voice recognition, or got on techcrunch because somebody was throwing money at them.<p>As many of you know, its not a matter of how difficult it is to implement.  Its a question of having to keep supporting it far into the future.
Once you give users something they get irate if you take it away, even if they don't use it.  And switching back to regular accounts will probably be awkward.  So if we go forward with this, we're probably stuck with this ball of code forever.
======
markpercival
I probably wouldn't implement it. I like OpenID, but I rarely use it these
days. The only time I use it is for setting up quick admin only interfaces on
my own sites.

First, you're only getting a few requests for it - you'd probably be better
off working on other issues and features that affect a broader audience.

Second, it's also not going to draw many new users into the site. Lack of
OpenID isn't a barrier for most people; instead, keep your registration simple
and work to increase conversion in other ways.

I do think the OpenID ship has sailed, and with only a few people on board.
It's a cool technology, but lets face it, no one but the tech community 'got
it'.

------
intregus
I prefer the idea of simplifying, or removing registration altogether. The
only times registration will stop me from using a site is if I don't trust
them with my email/password, and if that's the case, then the site probably
sucks anyway.

Make a site worth coming back to, and I don't think people mind having to
login (if you have a good "remember me" feature).

------
billpg
OpenID seems to have more traction with the non-hacker populace if expressed
in terms of "Log in using your Google/Yahoo/etc account."

Suits me fine personally. I love OpenID.

------
TallGuyShort
I've never like the idea of OpenID. I recognize the problems it attempts to
solve, but by allowing OpenID, I'm outsourcing my security to other people.
What if the password to the OpenID account is compromised? That in turn could
compromise all of their accounts. And how much do you trust a 3rd party OpenID
provider?

I think a better solution is to just enforce a good password policy.

