Friday, November 30, 2012

Twitter is the de facto OpenID

OpenID was intended as a way for website visitors to log in to one website and then reuse that logged-in "identity" on other websites as well. The wonderful benefit of OpenID is avoiding the hassle of setting up separate identities for separate websites. And if someone is already logged in to the "providing" website, then they can step the login step altogether on the "relying" websites, which more or less only need to ask the provider about who's currently logged in. (The typical security precautions apply: the easiest first steps to prevent someone else from reusing information is to log out from all websites and quit the web browser.)

If the preceding paragraph led to the reaction, "Huh? OpenID sounds good but I've never heard of it," then it's clear why some commentators declare OpenID a failure. It's currently in use and it will most likely survive for a long time to come, but it never achieved widespread popularity. In my opinion, a surprising competitor has surpassed it to become the top identity source: Twitter. Here's why.
  • Publicity. By any measure, Twitter is well-known and constantly visited. This is vital for a successful identity source. If an identity source is relatively unknown or dormant, websites won't have a strong reason to accommodate it. And the fewer websites that accommodate it, the less appealing it is as an identity source, which then causes fewer websites to accommodate it, which then causes it to be less appealing as an identity source... The upshot is that an identity source excels when its main attraction is something famous other than providing identities to other websites.
  • Upkeep. Twitter's reputation for availability has fluctuated. Nevertheless, as a major website (see #1), it has an obvious interest in ensuring that visitors, apps, and other websites can log in quickly without problems. OpenID was by necessity a secondary option for logging in, so neither the providing nor the relying websites were especially careful at ensuring OpenID functioned properly—OpenID visitors were less valuable anyway, precisely because the website didn't force them through the information-gathering portion of login setup. All too often, either the providing or the relying websites rejected the other due to miscellaneous errors. Since OpenID was a low priority, it wasn't as well-tested or maintained while the website's normal login code evolved. Like RSS feeds, redesigned websites accidentally broke OpenID access and then never repaired it. OpenID's independent and noncommercial existence protected it from the potential extinction of any single company, but it didn't have a specific team of paid support staff responsible for its bugs, like Twitter's login.
  • Informality. In comparison to other websites, Twitter's login setup is quite rapid, undemanding, and painless. Twitter needs very little information for the activities it has. Thus, whether on purpose or not, it's an effective strategy for the incidental task of just creating uncomplicated login information. Given that the motivation behind the search for an identity source is dodging irksome/repetitive login setup, this characteristic of Twitter is ideal.
For anyone who wants to scatter their comments throughout the Web, Twitter has greater practicality than OpenID. Who knows, someday I may stoop to use it to micro-blog...

No comments:

Post a Comment