0

Greetings all:

I currently am building a web application, and have been debating whether to go with a conventional database login system, or going with an openid based login system as we have on stackoverflow and family. What my question is when would an application designer would choose an openid system over the more conventional login system, and when would it be better to use a conventional database login system?

Improve this question
1
  • 1
    Im interested in the responses to this question but you should probably either make this a community wiki or migrate to programmers.stackexchange.com (Lest you draw the wrath of the SO gods down on you) Commented Sep 24, 2010 at 22:58

1 Answer 1

Reset to default
4

Well it depends on several factors. Some of them are:

  • Security (is it a critical login like banking system? does the user need to change the password from time to time? logging into my bank account using my facebook account is quite absurd!)
  • Privacy (dont forget you giving information to openid providers or facebook or google or whatever you port to an synthetic openid)
  • Dependency on external services (avilability of those in your environment)
  • Portability (support them once, you have to do it 4ever!) and the list goes on and on and on.

Generally speaking websites use Single-Sign-On and openid to increase registrations because its convienient for the user. Permission Control / Oauth etc is another thing.

In my opinion its a very good thing but you should always offter the alternative of a genuine registration.

avoid as many problems as you can. Allow linking of accounts so that the user may change is mind and use his newly acquired openid for his account form now on, or switch to an old school user account.

To sum it up: In the background there ARE in 99% "real oldschool user accounts". All those openid/connect stuff is just authentication. another way of entering the password.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

+1, especially for the last paragraph: 'openid is just authentication, another way of entering the password'

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.