One of the core advantages of OpenID is that your site does not end up storing user credentials itself because the authentication is done at the 3rd party OpenID providers server and your site is sent an authentication token.
Another semi-related plus is that you can also request other information related to the authenticating user that the provider may have. This can help to streamline the registration process further because you can get basic profile information like a first name, last name and email address which the user would otherwise be asked to provide.
OpenID works by shifting responsibility for authentication from your site to a remote third party. Because you are dependent upon that third party to authenticate your users for you, if that party is unavailable, then those users whose identity information is stored with that party will not be able to authenticate to your site if their OpenID is their only means of authentication.
Further to the previous point, because a given OpenID may represent a valid identity at many websites, a compromised OpenID is potentially more valuable to an attacker than a set of site-specific credentials. As a consumer of OpenID your site can't do much about this, but its worth being aware of nonetheless
As a user, I like OpenID because:
- I dont have to think up another set of credentials that I have to remember-
- I feel better about registering because there are less form fileds to fill in (if you get my reg data from the provider)-
- I feel better because I don't have to trust your website with my credentials because they are stored at the server of an organisation I already trust and know to have a bigger budget for security than your tiny little website