When this post goes live I will have had OpenID running on my blog for 24 hours.
My first attempt to do so was not successful. The theme I use does not support the option of displaying that the website URL is checked for OpenID (a feature of the WordPress OpenID Plugin [1]. Someone who’s comments I desire complained that the unexpected prompt for an OpenID password when they entered a comment caused them to abort the submission process and I therefore lost their comment – so I immediately disabled the plugin. I think that person was being a little unreasonable, it seems to me that when you add OpenID to your web site you should be expecting it to be checked for such things! But in spite that I felt obliged to do what was necessary to avoid confusion.
Yesterday I reenabled OpenID, my first effort was to hack my theme to have a separate entry field for the OpenID URL which appears to work (this is documented in the OpenID plugin). The next step was to enable the URL to be used for OpenID and hack the theme to make it note how it’s being used. This appears to work well and should avoid the objections.
One factor that gave me an incentive to work on this is this post about Taking a Stand to Promote OpenID [2]. That’s the type of person who I would like to have commenting on my blog.
I’m also working on my own OpenID authentication solution and I may consider taking the same stand.
[…] was reading a post on Planet Debian and that is why I’m writing […]
I love having OpenID on my blog – Admittedly it doesn’t get much reading, but at least I help promote the idea.
OpenID is a really big step forward in internet authentication – I am already fed up with the number of passwords I type in, so in the end they are all the same, which is not good security.
edit: Unfortunately my OpenID didnt work – I authed my provider (my own server) but your plugin didnt seem to like the response…
“Unfortunately my OpenID didnt work”
I’ve had that happen enough with other sites expecting OpenID that I don’t even bother anymore. Its more hassle than its worth, especially for sites like blogs that accept anonymous posts.
I understand how OpenID appeals to my techie side (a universal authentication mechanism, hurrah!), but so far its done nothing but make authentication on the Internet more annoying for me.
I wouldn’t use that plugin… http://article.gmane.org/gmane.linux.debian.devel.mentors/32898
Testing OpenID auth
Thanks, Russell, for making one more place to use my OpenID.
I agree with Aaron; I’ve made a similar stand for a year or so now. I find the stress of politely telling sites that I won’t be using their service until I can use my OpenID for authentication, to be significantly lower than the stress of managing so many darned identity sets.
Hopefully I am also the sort of person who you would like to have commenting on your blog :-)
Ben: Yes, I want your comments on my blog. In the past I used to generally avoid commenting on blogs that required registration or that had CAPTCHAs. If some of those sites accept OpenID instead then they will be more likely to get comments from me.
Russel: OpenID is no replacement for CAPTCHAs. Just because spam bots don’t support it atm doesn’t mean they won’t in the near future. OpenID has no anti-spam features and in no way guarantees the user to be a human — both of which are features of CAPTCHAs.
michael: I agree that OpenID is not a long-term solution to the spam problem. Currently it is a temporary solution, and then when combined with white-lists it can be a longer term measure.
It wouldn’t be difficult to compile a list of blog URLs from the Planet feeds that I read (that would be about 10 minutes work), if the OpenID plugin supported a white-list I could just plug that list in and then 90% of the people who comment on my blog would be white-listed.