OpenID is a new mechanism to allow users to login to sites without needing to register a new account on each site. It's very similar to how Microsoft and Google authenticate you across many different sites only the technology is not tied to any specific company. As the name suggests it's Open.
The key thing to understanding OpenID is delegation. An OpenID is any website that supports the OpenID standard and can validate your login. So in effect an OpenID is a special website address.
Technically this sounds fine but from a UI perspective this causes a problem. Let's look at how users login today...
It's pretty consistent across the board. Email/ID and a password, a button to login, an option to keep you logged in and a way to retrieve your password when you forget it. There really isn't a place to type a URL. If a site wants to add support for OpenID it's both a technical challenge as well as a UI challenge. How do you explain this new concept to users that just want to login?
Instead of thinking about this from the web-perspective what if we think about building in OpenID UI directly into the browser:
- If a user hasn't setup an OpenID with the browser the very first time the browser can recommend an OpenID provider and then cache that provider for the next time.
- From the user perspective it's just a link, they don't have to learn a new concept if they don't want to.
- If the site doesn't support openID the link wouldn't be shown so the experience is fairly consistent.
- If a browser doesn't support openID natiavly the above example could be done with a bit of Ajax.
- If the UI is integrated into the browser you can allow users to save the password with a non-modal control.
- Password managers and extensions could allow you to easily manage 100's of passwords (local or remote)