Tuesday, January 8, 2008

Yahoo! to embrace OpenID?

This would be huge: Flickr to Authenticate OpenID - Is This The Yahoo! CES Announcement?

Rumors abound that Yahoo! will make a major announcement about OpenID today at CES. It looks like at the very least you'll be able to use your Flickr user page URL to log in anywhere that supports OpenID login. The code is live, view source of any user page and search for OpenID and you'll find it.

I looked and the code is indeed there. It redirects to Yahoo!'s current login page.

This is starting to look more and more like the year OpenID becomes a staple. You can say whatever you want about Yahoo's current situation, but they are still the #1 destination site on the Internet. If Yahoo goes this direction it's just a matter of time before many others follow. Remember that Google is already dabbling in OpenID: Blogger in Draft and OpenID.

We can only hope that the dominoes are starting to fall. Can't happen soon enough.


Anonymous said...

I think the break through will be when the major players allow you to authenticate in to the core of their systems using OpenID. For instance, blogger only lets you comment with openID. Yahoo is saying, "We'll act as your openID provider". Can I use my openID from myopenid.com to authenticate to Yahoo? Apparently not.

BTW, I have students evaluating myOpenID this term. Have a peek here:


Anonymous said...


Yahoo won't accept OpenIDs from other providers? Or am I misinterpreting what you're saying?

Your URL was clipped. Could you send it to me? I'd definitely like to take a look at what you're doing.


Anonymous said...

Kevin, per your link, the announcement was that they would "at least" allow you to use your home page as a provider. Being a provider and consuming are two different things.

My students are evaluating myOpenID. Some interesting opinions. Here's a better link.

Anonymous said...


Thanks for that. I got busy and didn't see the actual announcement - although I did try quickly to find it.

We need these sites to be consumers of OpenID. They have to stop this "we own our users" kind of thinking. This is nothing more than what AOL did last year. Sigh! I should have known better than to get excited.

More in a bit...

Anonymous said...


I enjoyed reading your student's comments. Can't say I disagree with them. Where I mostly trust OpenID I'm not sure I would want it used on my banking site or health records.

We're getting ready to go live with a large public-facing site that will only use OpenID authentication. Could make for an interesting research project.

Anonymous said...

Hi Kevin, I assume you'll post about the site here.

I use OpenID as an identity collection point. That's fairly valuable.

I'm not sure it's meant as a secure authentication mechanism. I can imagine having a sort of double authentication mechanism where you authenticate to openID (and maybe store a signature on your computer to make future authentication possible without having to type in anything) and then authenticate again with that ID to whatever service you're planning on using.

That seems no less secure than cookie based authentication to me.