One Step Closer to Internet Single Sign-On

“Using your favourite websites and services could soon mean memorising far fewer passwords” according to this BBC News article. Microsoft first got involved with OpenID a little over a year ago. In fact, I discussed that news on this blog last February here and got quite excited about the future prospects.

Those prospects now appear to be one step closer to becoming reality with IBM, Google, and Yahoo also joining the fray.

There’s a good description of the pros and cons of OpenID here. For instance:

OpenID logins work by redirecting you to the OpenID hosting provider and having you enter your single username and password there. This means that potentially, an evil operator could set up a phishing site in that redirect which collects your login information. If they do, due to the nature of OpenID, they’ve got the keys to all the sites you OpenID into.

It’s a fair enough point and I’d like to see more work done in addressing the risk, more specifically the use of multi-factor authentication becoming the norm rather than the exception. WIth OpenID opening up access to an ever increasing number of sites then providing a common second form factor to users could become a possibility.

My prediction is next that social networking sites will jump in and offer up OpenID access. That will see the technology snowball. Let’s see if I’m right.