I had a bit of a read about OpenID this morning.
Essentially, how it works for non-developers is this:
* you sign up for an account at a site such as http://www.myopenid.com
* they give you a URL, such as http://sminnee.myopenid.com
* you go to a site that accepts OpenID authentication, and type this URL in.
* myopenid.com will be responsible for authenticating you and providing profile information (name, nickname, date of birth, country, etc.) that you choose to provide.
The benefits to the user are roughly:
* a single password for all your sites
* those sites never know your password; myopenid just tells them whether to let you in or not
* you have a lot of control over what you let different sites see, in a nice interface. You can also see stats about sites you've signed into and things.
The disadvantages:
* You've got to sign up for an account at myopenid.com before doing anything
* You need to use a URL instead of an email address or a username to sign up - this would probably take some getting used to.
Both of these disadvantages are pretty trivial, but OpenID is still something that should be an optional authentication scheme on a site.
SilverStripe has an authentication system built into the core. Perhaps it would be worth offering OpenID authentication as part of this?
What have other people's experiences with OpenID been?