What is OpenID and How does it work

OpenID is a way of using a common username across multiple sites for authentication. It has obvious benefits such as eliminating the needs of remembering different usernames and less headaches for companies to administer their usernames and passwords. It takes advantage of the fact that users have already created identies for themselvs in forms of their blogs, online profiles, memberships to social networking sites etc.

OpenID was born from the open source concept and no body owns it. The OpenID foundation acts as a legal entity for OpenID platform and helps in promoting the concept. The OpenID technology is non proprietery and is completely free, all you have to do is sign up with an OpenID provider of your choice, one you trust, you can even be your own OpenID provider. If you subscribe to popular services of AOL, Blogger, Yahoo, Technorati or Wordpress, chances are you already have an OpenID. If you don't you can get one free from any of the provides listed in the list here http://openiddirectory.com/

OpenID works quite similar to how Microsoft's Passport works, except OpenID is not owned by any company like Microsoft. When you go to a website, you don't log on to the site with credentials agreed on that site, instead you authenticate with the credentials provided by your OpenID provider. In fact, OpenID is just a URL for example http://testusername.yourblog.com , you basically claim ownership of the URI and the ability to prove ownership facilitates authentication. The relying website then forms a relationship using a shared secret with help of Diffie-Hellman (encryption) key exchange to make sure information is not compromised in transit, the relying website then uses the credentials from the OpenID provider to authenticate you.

OpenID has come a long way and is currently implimented in big companies such as Google, Sun, AOL, Microsoft and Novell, it has a large userbase, providing authentication services to more than 10,000 websites. You can find more information on the OpenID website at http://openid.net