I have been messing around a little with OpenID lately. OpenID is a fairly new system of identification, where you only have to remember one password for an OpenID server, which will let you login to any other OpenID enabled system. This has been tried before (Yahoo wallet, Micro$oft Passport) but the benefit of OpenID is that it is decentralized and open source. In the couple of weeks that I have been tinkering, I have used my LiveJournal account, myOpenID, and phpMyID on my own server, all with different passwords, yet this doesn’t change anything for any of the sites that I have registered my OpenID with.
The main problem with OpenID is that not many sites support it. Yet. Wikipedia, which I visit more often than Google lately, has said that they will use it soon. Ma.gnolia, which is a social bookmarking service like del.icio.us but nicer, supports it. There are a couple of small sites that use it. But most of the big boys don’t yet. I want my OpenID!
The one I don’t get, however, is MicroID. I came across this in reading up on how to implement OpenID in my own software, and it just makes no sense to me. A microid is basically a hash of your email address and website. All this proves is that someone knows your, well, your email address and your website address. So? I can’t even find documentation on whether you are supposed to include the trailing slash on your URL. They do in half the examples and don’t in the other half. Can anyone please explain to me how the hell MicroID is useful or secure in the least little bit?
