Microsoft Jumps on OpenID BandwagonBy Josh Catone
Now is OpenID finally mainstream? Microsoft announced today that it will be enabling all Windows Live ID accounts — of which there are some 420 million plus users — with the ability to log in to OpenID web sites. Microsoft announced the availability of a Community Technology Preview (their word for beta) of the Windows Live ID OpenID Provider.
Microsft sang high praises for OpenID in a blogged announcement. Said Microsoft’s Jorgen Thelin, “OpenID is an emerging, de facto standard Web protocol for user authentication.”
Microsoft expects to roll out full OpenID support sometime in 2009. Like Yahoo!, who announced support for OpenID last January, Microsoft will be an OpenID provider, but it doesn’t appear that it will be a “relying party” — in other words, it seems likely that you won’t be able to sign in to Microsoft properties using an OpenID obtained elsewhere.
That’s kind of a bummer, because OpenID only works completely if providers that also offer user services become relying parties as well. Everything needs to be two-way.
OpenID is Getting Big, But Still Isn’t Mainstream
With support from Microsoft and Yahoo! there are now likely north of three quarters of a billion OpenID enabled logins out there. There is definitely overlap (I have both a Windows Live ID and a Yahoo! ID, for example, and I am sure that many people do), but even so, Microsoft and Yahoo! are two of the largest online ID providers on the web, so these are big wins for OpenID.
But OpenID still isn’t mainstream. As a Yahoo! user experience study revealed a couple of weeks ago, OpenID just hasn’t been sold well to the public. Adding 420 million new OpenID enabled accounts doesn’t fix the marketing problem.
Take, for example, Microsoft’s instructions to test out the current technology preview of the OpenID Provider program for Live ID:
- Go to https://login.live-int.com/ and use the sign-up button to set up a Windows Live ID test account in the INT environment.
- Go to https://login.live-int.com/beta/ManageOpenID.srf to set up your OpenID test alias.
- At any Web site that supports OpenID 2.0, type openid.live-INT.com in the OpenID login box to sign in to that site by means of your Windows Live ID OpenID alias.
Certainly, turning on OpenID will be easier once Microsoft’s support goes into production sometime next year, but even so, the conventions for using OpenID on the user end are just too alien for many users. Most OpenID login boxes look like the one depicted below:
That’s not the type of sign on form that most people are used to. The two field “username” and “password” approach is so ingrained in the minds of users, that a lot of people are confused when presented with an OpenID login form and don’t know how to proceed. Users in Yahoo!’s test confirmed this, and many reported being confused when they weren’t presented with the password box they’re used to.
“The key takeaway [from Yahoo!’s study] is probably that even if OpenID is ready for the mainstream, the mainstream doesn’t seem to be ready for OpenID,” we wrote earlier this month. “It could definitely benefit from being simplified (in terms of both signing up and signing in), but the main thing that needs to happen for average users to begin to adopt OpenID is that it needs to be pitched in a completely different way.”
David Recordon, who is on the OpenID Foundation board, noted in the comments of our post that OpenID is still in the early adopter phase of the traditional adoption curve. So looking at the pure numbers of OpenID enabled accounts is misleading — the mainstream isn’t yet using OpenID.
As we wrote a couple of weeks ago, OpenID is fundamentally a sound idea, but for many users the implementation has been far from ideal, and the sales pitch has been terrible. Further, without large OpenID providers like Microsoft and Yahoo! also becoming relying parties, the key benefit for users — that you can use your single OpenID to log into all the sites you use — is lost. Yahoo! advised that publishers “promote the utility, not the technology” of OpenID. When the utility is lost, the pitch to the mainstream becomes impossible, however.