The Yahoo ID used by its members to login to services like Flickr and Yahoo Mail will soon be usable to authenticate to sites supporting the OpenID standard.
A Yahoo ID will provide a single sign-in to OpenID. By the end of January, that Yahoo ID should be sufficient for the portal’s 248 million global members to sign in to the 9,000 sites using the OpenID 2.0 digital standard.
But the reverse path, signing into Yahoo with an existing OpenID, of which about 120 million exist, appears to be closed according to TechCrunch:
“This is just the first step in working with OpenID,†Yahoo Director of Membership and Registration Raj Patel said to me on a phone interview yesterday. But he would not confirm when (or if) Yahoo would also allow become what is called a “relying party†(allowing users with third party OpenIDs to log in to Yahoo). He did say that the goal was to move in that direction, but gave no further guidance.
Plaxo’s Joseph Smarr said Yahoo’s move “paves the way for a secure approach to data portability between the various services people use across the web.” Plaxo, along with Microsoft, Sun, and AOL, supports the OpenID approach.
We appreciate the utility of federating a single sign-in across network resources. But we have concerns about the tradeoff of ease of use for convenience, always a tricky balance to find. One poorly made OpenID password discovered by a malicious person could lead to all kinds of havoc being created for the real person behind the OpenID.
