How to address OpenID providers downtime?

tags:

openid

views:

270

answers:

+10 Q:

How to address OpenID providers downtime?

OpenID is all good... UNTIL the provider goes down. At that point you're potentially locked out of EVERYTHING (since you jumped on the bandwagon and applied OpenID everywhere you could).

This question came up because I can't, for the life of me, login with my myopenid.com provider. :-(

+18 A:

The fix is for your OpenID site to accept multiple OpenIDs per user account. Something that the spec recommends.

nsayer 2008-09-26 16:44:42

Instead of "your OpenID site" It would be clearer to say "the site accepting your OpenID (commonly known as an OpenID consumer)". One of the highest voted suggestions on uservoice is for stackoverflow to allow people to change the associated OpenID.

Sam Hasler 2008-09-26 16:52:04

Being able to change your OpenID though would not solve the problem of your OpenID provider being down though, as you'd not be able to login to change it.

Ollie 2008-09-26 17:10:11

@Ollie - setting up multiple *in advance* would work just fine.

ceejayoz 2008-09-26 17:14:26

I need it now since I can't get through on myopenid.com

Larsenal 2008-09-26 17:18:47

Update: stackoverflow now allows you to change your openid and add an alternate.

nsayer 2009-01-15 03:50:27

+5 A:

This is why I use my personal website to delegate OpenID services to another site. If WordPress.com (my current chosen provider) goes down, I just switch the code in my site to point at a different provider. A few seconds and I'm back up and running.

ceejayoz 2008-09-26 16:53:33

If your website goes down, then you are still screwed.

Milhous 2008-09-26 16:55:04

I don't think this makes sense, would the alternate provider have the users' information? I don't know how it works too well but that seems to be wrong

George Mauer 2008-09-26 16:58:16

Milhous - it's far more under my control that way, though. If I need to, I can point my DNS at a friend's server and put up a barebones HTML page with the OpenID code. There are very few ways my site is going to go down for more than 15 minutes or so (other than forgetting to renew the domain).

ceejayoz 2008-09-26 17:01:02

George Mauer - that's not how OpenID works. Data isn't stored at the OpenID provider, just your account credentials. Data is stored on the site - StackOverflow stores its own data, but it associates that data with my OpenID URL. As long as I control ceejayoz.com, I can use OpenID.

ceejayoz 2008-09-26 17:02:21

[continued] I already have lots of OpenIDs - AIM, Yahoo!, WordPress.com, etc. If WordPress.com goes down, I can point my delegation at AIM instead, log in with my AIM credentials, and have the same access and data I had before, pretty much seamlessly.

ceejayoz 2008-09-26 17:06:44

It is a partial solution, but still, if your webserver goes down, and you can't control the domain by some reason, you're still screwed. Being able to register multiple OpenIDs on the other hand always works.

runaros 2008-10-16 12:12:23

The chances of my (very reliable) domain registrar and my (very reliable) webhost both going down at the same time strikes me as not worth worrying about.

ceejayoz 2009-07-23 20:23:34

The answer is simple. Store an email for the user. Have your own login mechanism. Making OpenId optional is the straight forward answer to this.

Unfortunately some sites are closed minded about OpenId.

Peter 2008-10-16 11:52:32

ansaurus

tags:

views:

answers:

How to address OpenID providers downtime?

related questions