Hacker News new | comments | ask | show | jobs | submit login

This is one of the reasons your Open ID should have been formed like an email address, ie, username@domain.ext

That way, sites can immediately tell the domain name of the provider, and the user to verify, without having the extra selection step for the user. It's also more familiar to users.

This is one of the reasons I decided to not go with OpenID as primary identity authentication for Appleseed.




OpenId does have this in the form of a URL as your identifier. If you had a myopenid.com account, for example, you can login to your site using 'michaelchisari.myopenid.com'. That page will contain a metadata tag specifying who your provider is (You could use any domain/page you control as long as you add a metadata tag to it).

This is the default way that OpenID works -- The selection of providers is purely a UI choice that has become popular by sites to hide users from URLs.

There's always still a box near the bottom that allows you to type in your URL without picking a provider.


True, however, michaelchisari.myopenid.com is not the same as michaelchisari@myopenid.com, though, which I firmly believe if OpenID had standardized on, what was lost in flexibility, would have been more than made up through user adoption.


Agreed. Though it would only work if email providers also became OpenID providers (which admittedly would have been very possible), or else having two things that look just like email addresses could cause similar confusion.

An advantage of URLs is that you have the choice of whether to give your email address to the site. Myopenid.com will prompt you for whatever information the site requests, and you can even choose which email address (if any) to provide the site. Sites which use an email address for login currently require you to remember which spam email address you gave them.

The indirection offered by URLs is quite powerful too: See jerf's comment: http://news.ycombinator.com/item?id=1916033


You've been able to do that with OpenID for the last few years, that's why you can just have buttons for Yahoo, Google, or myOpenID instead of needing to type in joe.myopenid.com or google.com/id/aoeiasnexhtsanogysaeig==




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: