OpenID will save the world from Phishing (and world hunger)

I know what your thinking… “I thought OpenID made phishing worse!”  With the current state of things this can be true.  Any site can easily pose as an OpenID relier and then redirect you to a fake Identity provider that looks like yours. The good news is OpenID will eventually solve this problem in ways that your bank couldn’t even dream of.

By separating the authentication process and making it predictable across sites, it will be possible to detect and prevent unexpected behavior. There is already a cool plug-in called seat belt that recognizes sites with OpenID support and during login it warns you if you are redirected anywhere besides your identity provider. I suspect browsers in the future will have built-in support for this type of thing.

Few of the problems facing OpenID are unique. The concern over identifier recycling exists today with email. I dropped my hotmail account in favor of GMail a long time ago and if someone ever picked up my hotmail username, it would be possible for them to gain access to a number of sites as me via typical account recovery mechanisms. The thing is… I don’t care. I gave my bank, PayPal, eBay and every other account I really care about have my new email address. This doesn’t mean that someone won’t get bitten by it, but it’s not a problem that’s unique to OpenID. There is already quite a bit of talk as to how to solve this problem and I’m sure that it will be and soon, it will be another one of those problems that OpenID solves that couldn’t be before.

So to everyone who’s like ZOMG OpenID is so insecure, because it doesn’t solve world hunger. 1. I personally believe world hunger only exists in the Asian countries and therefore such as the Iraq and was such was there before OpenID like. 2. Give it time.

Advertisements