There has been a ton of talk lately on OpenID, especially since it has seemingly gained inroads with a lot of major industry players such as Microsoft, Verisign and AOL. Heck, even Digg is planning on supporting it.

Michael Arrington of TechCrunch recently said:

It’s definitely time to declare OpenID a winner and the hope for a single-sign on world a reality.

When you read commentary by supporters of OpenID and the resulting press you can’t help by get the impression that it’s the savior of the internet and finally solves the authentication problems for users on the web. Some of the stated advantages:

1. De-centralized — you don’t have have to trust a single authority like Google or Microsoft.
2. Tiered authentication — websites that require stronger authentication can get users to sign in with a strong credential. It’s built into the protocol.
3. URL-based — you can keep your email address private and it saves you time when trying out new sites and services (you already know your ID is unique since no one else is using your URL identifier)
4. Multiple identities made easy — you can have multiple identities by using different URLs

The list goes on and on… When I read the above list, you can call me skeptical to say the least.

(more…)