Martin Atkins (mart) wrote in apparentlymart,
Martin Atkins
mart
apparentlymart

Canonical Identifiers and Synonyms

Despite it being a best practice, currently only a handful of OpenID Consumer sites support the association of multiple OpenID identifiers to a single “account”. This is important to create redundancy to make the loss of an identifier less catastrophic. Ideally, all consumer sites would:

  • Allow users, after successful signing in with one OpenID identifier, to verify additional identifiers to be attached to the same account. For most purposes, this just involves storing your identifier associations in a separate table keyed on the primary key of your user table.
  • Provide a “recover account” ability in similar vein to the “forgot password” procedure in traditional website authentication. This would be done by having on file the user's email address and sending them a reset URL just as sites currently do for passwords, but then allowing the user to verify a new OpenID identifier rather than specifying a password.

But implementing the above is a chore. You have to develop new UI and new backend code. I doubt we can do much about the new backend code, but it'd be nice if we could somehow define a standard mechanism for doing the first of these in an automated way, so that sites can automatically discover my redundant synonyms. I'm not sure what the solution to the latter is just yet, but I think the former is do-able and well worth the effort.

Tags: openid, xri
Subscribe
  • Post a new comment

    Error

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 4 comments