Unique usernames on OpenID sites
Bryce Glass
bryce at yahoo-inc.com
Wed Jan 14 21:57:11 UTC 2009
This may be of some help. The Tri-Partite Identity Model is (at least
partially) derived from lessons learned along the way w/ Yahoo's legacy
treatment of identity:
http://thefarmers.org/Habitat/2008/10/the_tripartite_identity_patter_1.html
- Bryce
Cornelius Schumacher wrote:
> I'm working on a web site which uses OpenID for authentication. In addition to
> the (potentially multiple) OpenIDs associated with an account we also create
> a unique username which can be edited by the user. We have an additional
> display name which we use to show users in the UI, but we use this username
> for uniquely identifying users when it's important to have a unique way of
> identifying users, e.g. when giving another user access rights or in the API.
> We don't show the OpenID at all.
>
> While this solution seems to work, I would be interested in comments, if this
> is the best possible way to implement it in terms of user experience, or if
> there are better ideas or practices how to do that.
>
> I looked at the relying party best practices page at
> https://openid.pbwiki.com/Relying-Party-Best-Practices, but it doesn't seem
> to have a real answer to that. In fact it's somewhat inconsistent, because it
> advises to not show the OpenID without user's approval, but also recommends
> to use the OpenID as unique identifier instead of a site-specific unique
> username. For some cases this doesn't work together.
>
>