Category Archives: Security

OpenId – extremely insecure?

I’ve just read a good blog entry pointing out the dangers of OpenID, a system designed to allow you to use the same username/password for a variety of different websites.  Basically, OpenID makes a user extremely vulnerable to phishing, the process of tricking a user into providing sensitive information.

The other complaint mentioned that I agree with is that of poor usability.  I’m a pretty computer savvy guy, and I had trouble getting set up with, and using OpenId.  I have serious doubts about grandma’s ability to use it.

This is significant because almost anyone that sets up a consumer-facing website will have no-end of people asking them when they are going to support OpenID – it is the buzzword de-jour.  These problems suggest that people shouldn’t be so quick to jump on the OpenID bandwagon.