Sebastian Moleski wrote:
I understand *what* people want to do with it. What I
don't understand
is *why. What benefit does OpenID provide over just registering with
your usual user name and password at any site?
Using the same credentials on more than one site is gambling with your
security. Basically anybody you share your secret password with can access
all of your accounts everywhere if they want to.
With OpenID only the provider ever sees your credential. OpenID provides a
method by which the provider can vouch for you having correctly provided
your credentials without having to give them to the other site.
If there's an advantage, it would make sense to
find some resources to
implement this ability.
The module has existed for several years. The implementation cost should be
fairly small.
--
--
=================================================================
-- mark at geekhive dot net --