Just to put this all together, I’ve written a F.A.Q. and a How-To on OpenID and added them to the OpenID offerings here at Techcafeteria which are, in a nutshell:
- The OpenID-enabled Blog;
- The OpenID server, which I’m committed to maintaining. Techcafeteria won’t be going away anytime soon!;
- A new OpenID F.A.Q., which links to other OpenID resources;
- and a new OpenID illustrated How-to, which uses the Techcafeteria server as an example but overviews how they all work.
Why am I harping on about this? I really do think that OpenID offers a solution to a very pesky problem. I have an encrypted file with all of the logins and passwords that I keep on a regular basis for web sites and services that I use. There are over 200 of them. I might be an extreme case, but I’m far from alone. And, from my years as a technology manager, I know that most people solve this problem by using the same password at multiple sites. So if those sites include your online banking, that’s a serious risk.
But, beyond the convenience and security, I look at it this way. My goal for Techcafeteria is to grow it into a real diverse offering of web-based services, in fitting with the name. Some of these, like the blog, will be based on third-party platforms, others will be things that I develop (I’m experienced with PHP/MySQL and I’m learning Ruby on Rails – I’m even attending O’Reilly’s big conference on it in Portland this week). My goal is single sign-on, via OpenId, for everything that Techcafeteria ever offers.
It’s not a big deal doing this on my web site. It would have been a huge deal if I could have accomplished it at the large non-profit or decent sized law fIrm that I served as an IT Director for. At both of those jobs, we had a variety of systems, all tied into Novell and/or MS networks, but we still had nothing but password soup to offer our users, because the apps weren’t standardized enough to allow for true single sign-on.
At Joomla Day on Saturday, I sat in on a session where one of the core developers (Sam) demonstrated a way to share authentication between Joomla and MediaWiki. Very cool, but somewhat easy because MediaWiki stores the password unencrypted. Assuming that most sites use standardized encryption protocols (MD5 being the big dog, that’s not an insurmountable challenge. But I couldn’t help thinking how much easier this will be via OpenID. It’s not just about this stuff being possible – it’s also about allowing Sysadmins who are not also programmers to implement it.
So, end of OpenID rants, for now. I’ll be doing some live blogging from the Rails conference, and I’ll try and include some context as to why I think Ruby on Rails is an important programming environment.