Unique usernames on OpenID sites

Bryce Glass bryce at yahoo-inc.com
Wed Jan 14 21:57:11 UTC 2009

This may be of some help. The Tri-Partite Identity Model is (at least 
partially) derived from lessons-learned along the way w/yahoos legacy 
treatment of identity:


- Bryce

Cornelius Schumacher wrote:
> I'm working on a web site which uses OpenID for authentication. In addition to 
> the (potentially multiple) OpenID associated with an account we also create 
> an unique username which can be edited by the user. We have an additional 
> display name which we use to show users in the UI, but we use this username 
> for uniquely identifying users when it's important to have a unique way of 
> identifying users, e.g. when giving another user access rights or in the API. 
> We don't show the OpenID at all.
> While this solution seems to work, I would be interested in comments, if this 
> is the best possible way to implement it in terms of user experience, or if 
> there are better ideas or practices how to do that.
> I looked at the relying party best practices page at 
> https://openid.pbwiki.com/Relying-Party-Best-Practices, but it doesn't seem 
> to have a real answer to that. In fact it's somewhat inconsistent, because it 
> advises to not show the OpenID without user's approval, but also recommends 
> to use the OpenID as unique identifier instead of a site-specific unique 
> username. For some cases this doesn't work together.

More information about the user-experience mailing list