Alternatives to myOpenID for all platforms with any license


Show 10 less popular platforms

myOpenID Comments

RE: MyOpenID's closing | A cautionary tale

Comment by DesElms
about myOpenID · Apr 2014 · Helpful Not helpful Report as spam

This whole business of MyOpenID closing is actually kind of a big deal... bigger, I think, than most people realize.

I'm an early adopter of the OpenID/OAUTH system; and back in 2006 when it was all getting started and I signed-up with an OpenID provider, I chose JanRain's MyOpenID because it was one of the first and, at the time, the only truly free one. There was actually one I liked better (though I can no longer remember what it was), but there was a cost of some kind associated with it (which I can also no longer remember; but that's my recollection).

As a seasoned old IT pro (with pushing 40 years in IT, as of this writing), I knew that GMAIL and the other big players were being encouraged by the OpenID Foundation to embrace OpenID/OAUTH; and I knew that many of some of those big players' employees were part of the development of OpenID, aand so I knew that it would be just a matter of time before such as GMAIL utilized it.

But I wanted an OpenID provider that wasn't tied to everything I did online; one that just offered OpenID and nothing else. Using something like GMAIL as one's OpenID... I dunno... it just feel to this seasoned old veteran like putting too many eggs in one basket.

Back then, JanRain's MyOpenID was almost all that was out there. So that's where I signed-up.

SEE | (who knows how long that'll still be up)

But I've never fully trusted it. In my years in IT, I've seen so, so many really excellent ideas and products go belly-up; and something about OpenID... I dunno... I just wasn't sure it would ultimately shake-out like everyone was hoping. Oh, don't get me wrong: I was certainly HOPING it would all work-out exactly as everyone planned, but... I dunno... I was dubious, for some reason. Turns-out I was right, I guess.

And so, in 2009, when I wanted an account here, at AlternativeTo, I was disappointed that I couldn't use a login that was provided solely by this website; one that's part of its internal system, and not tied to any OpenID. Oh, I didn't mind that it used OpenID; I just wanted its own login system to be an alternative. The site's name is, after all, "AlternativeTO," right? [grin]

That non-OpenID method is, in fact, is what I always opt for when I sign-up on a website, even if some form of OpenID is offered. But, alas, that wasn't an option, here; and so I used my MyOpenID account here. And it has worked-out fine...

...that is, until MyOpenID announced that it was closing on February 1, 2014. Because I've never fully trusted OpenID, I haven't used it in very many places; and so it took until the end of March of 2014 for me to even realize that I could no longer use MyOpenID here... or anywhere else, for that matter!

So, then, in order to login here, I had to use one of the newer, larger OpenID providers. I have most of them that are offered, here, but I chose my GMAIL account. However, right out of the gate I noticed that I was being forced in my new account, here, to use the username "greggdeselms" (or, rather, more accurately, that's the name that was defaulted into the "username" field when I first logged-in and was asked to complete my profile information); but I didn't want "greggdeselms" as my username. I wanted my old "DesElms" username, and its history, here, since 2009. And so I tried to put that username ("DesElms") in, instead; and the system told me that I couldn't because that username already existed, which I understood because that was my username here that was tied to my old-and-now-defunct MyOpenID account; and I knew that that account and its history was stiill here, even if I could no longer login to it, here, because MyOpenID had turned-off all its cross-site OATH capabilities on February 1st.

So I contacted this site's owner and asked that my old account be tied to my new one. And though it has now finally happened (obviously, since if you'll notice, my username is "DesElms," even though I'm now logged-in using my GMAIL account), it nevertheless took this site's best people a couple of days to figure it out. And I have a feeling that they had to really fiddle with things to make it finally work. While that was time-consuming for them, and made me worry for a couple of days if they would be able to do it, at least now they know how to do it for other users who ask. So, I guess this dark cloud had at least that silver lining.

However, there's a much larger downside to all this. By JanRain's shutting down its MyOpenID service, it has left thousands of its users, like me, with problems like what I've experienced, here. I can't even remember all the places where I was forced to use OpenID, and so I know that more of what happened here will come-up in the future as I happen to try to login to something where I've use MyOpenID. And if the site's owners are not as skilled as this site's owners, I may never end-up getting my old history using MyOpenID tied to whatever will become my new login there; and I'll also lose my "DesElms" username.

That happened at Yahoo, for me, years ago, when I stopped using MAIL.COM as my regular email account provider (we're going back a lot of years), and so couldn't recover my Yahoo account when I needed to. Not only was I not using a MAIL.COM account anymore, but MAIL.COM had stopped using the domain name at which was my MAIL.COM email address (which was mostly the reason I stopped using it, though there were two others: one involving how they had repugnantly commercialized the place, and the other related to the increasing number of spam blacklists on which MAIL.COM's domains were appearing). To this day, I can't get that Yahoo account back; it's lost to the aqes. And that's when, right then and there, I started using only an email address at my own domain name, where I could always control it. I already had one, but I wasn't exclusively using it. At that moment, though, I started. But now I digress. Sorry.

So, fine... back to our story: I guessed that MyOpenID's closing meant that I had to go find another OpenID provider that wasn't tied to something like GMAIL so that I could avoid that whole, aforementioned "too many eggs in one basket" thing. So I looked here...

...for a new provider (noticing how many big players like GMAIL and Yahoo! were now OpenID providers; very different from back in 2006 when JanRain and one or two others were all there was); and found that only Symantec/Verisign's service was OpenID-only... meaning that only it was like JanRain's MyOpenID in that all it offered was OpenID, and not anything else like GMAIL and all the others. And I thought to myself that it's too bad Symantec/Verisign's PIP/OpenID service didn't exist back when I signed-up with JanRain's MyOpenID, because I would have opted for what I'm sure I would have felt was the more impressive-looking, secure, and likely-to-always-be-there Symantec/Verisign service.

So, fine... I went there and signed-up, thinking that I was finally getting an OpenID provider whose only thing in life was the provision of OpenID and nothing else; which provider would always be there. It also offers a cool encryped "safe," of sorts, where users can safely store digital images of things like their birth certificate and stuff. I also liked that Verisign used a much cooler two-factor authentication than MyOpenID used (though MyOpenID's was pretty cool, too; it involved one's cell phone being called whenever one wanted to login, and verifying with a code that one is really who one says one is). The Verisign method let me install a cool free app on my cell phone, and then tie it to my new Symantec/Verisign PIP/OpenID account; and then anytime I logged-in to it, I just use the phone app to verify that it's really me. Very nice; and there were a couple other nice ones, too. Symantec/Verisign's PIP/OpenID, then, is definitely more feature-rich than MyOpenID; and, again, everyone knows that neither Symantec or Verisign are ever going anywhere.

So, here's my new account there...


...but, if you're looking at that page using anything other than Internet Explorer (IE) (for, example, if you're using Chromium/Chrome or Firefox), you'll notice that the video I put there, and the map beneath my postal address over on the right, don't appear. That profile page looks fine in IE, but not in any other browser.

So I contacted Verisign Labs and asked that my message be fowarded to whomever is in charge of the PIP/OpenID product; and I complained that my PIP/OpenID profile page was obviously not cross-browser compatible; that it obviously wasn't W3C and HTML5 standards-compliant. I pointed-out that all the inside pages, where I created my profile and whatnot, worked fine; but that the final PIP/OpenID profile page was broken. I then told him/her of my travails with MyOpenID, and that I was in no mood for more OpenID-related troubles and so could I please not get any from my new provider; and I also argued (and documented) that Chrome was taking-over the world, in any case, and so they really needed to make that profile so that it would appear properly in it!

To my surprise, I heard back from the head of that product, indeed. He said he was an early shaker-and-mover with the whole OpenID project; and that he, too, was disappointed in that his own site's PIP/OpenID profile page hadn't been keeping-up with browser changes. But he said, in no uncertain terms, that that whole product had been all-but-abandoned; that he wasn't allowed by his company to spend any more money on it; and that he was doing his best to fight the powers that be at Verisign to keep it alive, precisely so that what just happened to all of MyOpenID's users wouldn't also happen to Symantec/Verisign's. But the sad truth, he said, was that he could lose that battle at any moment; and that even PIP/OpenID could shut-down, exactly like MyOpenID just did.

Obviously, I appreciated his candor; but in a way it also made me furious... though not at him. I could sense his own frustration with precisely how the whole OpenID thing has shaken out since 2006; how while the big players' embracing it was what they all wanted, they didn't want said big player adoption to eventually cause such as JanRain and its MyOpenID to shut-down... or Symantec/Verisign's PIP/OpenID service to maybe eventually close, either.

Yes, on one hand I felt like my gut instict to not fully trust it all, back in 2006, had panned-out; and, of course, I always like being right [grin]...

...but that feeling was overshadowed by my anger because it's just prima facie wrong for such as an OpenID provider to step foward and ask the world to trust it and its service, and to use it everywhere that it can be used...

...and then later just shut it down, for whatever (usually financial) reasons, and leave all its users who had trusted it just twisting in the wind. That's just intuitively wrong. Period. Some things, in life, are just wrong; and why shouldn't have to be explained!

Early OpenID providers knew what they were getting into back when they stepped-up; they knew that there would likely be no profit from it; and/or that even if they could find no way to somehow profit from it, they nevertheless needed to never abandon their users whom they had convinced to trust them. Their ultimately shutting down would be a little bit like -- sorta' analogous to -- a bank shutting down, and then everyone subsequently learning that said bank wasn't really FDIC-insured, after all! Its customers would be verily screwed!

That's what's happened to users of MyOpenID; and it's also what could happen, it seems, at least eventually, to users of Symantec/Verisign's PIP/OpenID product and its users. Since I'm in both of those categories, I now fear that if I use my new Symantec/Verisign PIP/MyOpen ID account anywhere, like I had used my MyOpenID accont here, I'm just gonna' get screwed again, like I did here... er... well... like I at least would have been, here, had the support people, here, not been really good at what they do so that my old MyOpenID-related history, here, was not lost and could be tied to my new GMAIL OpenID/OAUTH login, here.

This whole thing makes me feel like maybe I should go to this web page...

...and use the information found there to sit down and code my own OpenID service, that's only that, and which is a not-for-profit organization; and set it up like so many other things I have set-up on the Internet so that it will continue to operate even if, heaven forbid, I step in front of a bus or something... that there will be at least one OpenID service out there that's not tied to everything else that one does on the Internet (as GMAIL is, for example) so that there wouldn't be so many of one's eggs in that single basket; and so that no one would ever be screwed, again, like I just got screwed by MyOpenID; or like I'm getting a bad feeling I'm gonna' get screwed again by Symantec/Verisign's PIP/OpenID someday when Verisign finally closes it. After all, Symantec has a long and sorry history of gobbling-up perfectly fine products, and then eventually discontinuing them. They're almost worse that Google that! In fact, the nearly-entire reason that I'm not trusting Google's otherise kinda' cool "Google Keep" product (and am using SpringPad, instead) is because I'm already betting dollars to donuts that Google will eventually kill it, like it killed its RSS, and a whole long laundry list of other otherwise excellent Google stuff. The other reason is because voice notes in Google Keep are all garbled on my Samsung Galaxy Note II (AT&T SGH-i317) phone... or at least were, last time I checked; I've had an OS update, since then, so I should probably check again... but now I digress, again. Sorry, again.

Certain things on the Internet -- especially when they're as basic as one's ability to verify one's own identity -- should never go away. At least some things, in life, really and truly do need to be "forever."

Those like MyOpenID and Symantec/Verisign who stepped-forward early in the development of OpeenID/OAUTH and asked the world to trust them as they built their OpenID services should have understood that what they were doing was not something that they could ever walk away from; or that if they ever did, then they'd have to transfer it into the hands of others so that it would endure.

I understand that there are costs; and that if the model can't be self-sustaining, then it's just bad business for for-profit entities to continue it. Clearly that's what JanRain and Symantec/Verisign were/are struggleing with. I get that: I've been a management consultant for pushing four decades; I'm not an idiot. And the two-factor identification that MyOpenID was using, for example, likely got more expensive when PhoneFactor (whose service it was using) got gobbled-up by Microsoft's Azure (an unlikely move for Microsoft, by the way, that still has those in that world scratching their heads... but I don't want to digress again).

Two-factor authentication, however, needn't be costly. Symantec/Verisign's system, with its cool app, need only use regular Internet bandwidth, and not even any phone lines. And MyOpenID could have just as easily built its own two-factor authentication service using either simple text messaging; or, if it really liked the whole make-a-phone-call model, then, fine: the open source phone system like Asterisk, running on a server running a free Linux distro, and utilizing unlimited-calling VoIP lines, would have worked magnificently, and for a mere fraction of the cost of Microsoft's now-higher-than-what-PhoneFactor-charged service.

Hmmm. Now that I've had the wacky notion of starting my own not-for-profit OpenID service; and now that MyOpenID has already given-up on it, and Symantec/Versign clearly might, the two of them should just donate their OpenID operations to my non-profit and then I could just take care of all their users and not leave them twisting in the wind, like happend to me!

Hmmm. That's a thought, isn't it. If I did that, then I could contact the OpenID Foundation and ask them to put my non-profit's name down in the bottom paragraph on this web page...

...instead of JanRain's name. Then I could also provide services to anyone wishing to do simple delegation using their own domain names, too... hopefully still within the not-for-profit framework.

Hmmm. Interesting thought. Something to consider... which I probably shouldn't be disclosing, here, that I'm now considering, lest someone else steals the idea from me...

...except that there's obviously no money in it, as both JanRain and Symantec/Verisign can attest. But, as it turns out, I'm all about not-for-profit operations, these days. I've converted my consultancy to nearly 100% helping non-profits... for free, if I can; and for just what it costs me, and not a penny more, if I can't. If they donate to my own non-profit, then I'll take that, of course; but I'm all about non-profit, now. I actually know how to make it work.

So, then, again... hmmmm.

Anyway, so that what happened to me, here, can be avoided, I recomment to every website that it does as I've suggested that this one does, and that's, yes, offer OpenID/OATH, but also offer its own login system for those who'd rather not use OpenID; and who'd rather just have their own login on the site, which login is part of the site's internal system. That said, if someone (and I'm starting to think maybe it could be me) were to put together a truly-non-profit OpenID site, and structure it so that it could be self-sustaining enough that it could just cover its expenses, and could keep running even after my death (which is how I've been setting-up everything in my life for 30 years; I'm now good at that, too); and if I included, as part of my non-profit service that I'll take-over any for-profit model like JanRain or Symantec/Verisign which fails and decides to give-up (so that their clients won't be screwed), then I suppose a website like this really could use only OpenID/OAUTH.

Either that, or, we all just have to resign ourselves to that the big dogs like GMAIL will own and control the OpenID/OAUTH world...

...and, I'm sorry, but that cannot possibly be what those at the OpenID Foundation had in mind when they conjured-up this whole thing back in 2006. It cannot possibly be! If it was, then, I'm sorry, it was misguided from the outset. Everything in life cannot be for-profit and privatized, for godsake! The pound of silver cannot end-up being the final determinate of whether or not something good is able to exist. Please tell me that that's not what it has all come down to!

[sigh] Hmmmm. Something to think about, indeed.

Anyone reading this who'd like to discuss it with me -- maybe even get involved -- let me know.

In the meantime, thank you, good people at ALTERNATIVETO.NET, for figuring out how to tie my new GMAIL login to my old MyOpenID account, with whatever little bit of history it had, and also such that I can use my old username. Bravo!

Let's hope all other sites where I've used MyOpenID are as good as you guys!

Keep-up the good work!

Gregg L. DesElms
Napa, California USA
gregg at greggdeselms dot com
1-877-383-5148 (toll-free voice)


Currently Using

Comment by impossible
about myOpenID · Jul 2013 · Helpful Not helpful Report as spam

I am currently using this and it worked fine its fast, ive yet to find out more. What i did not like wast that it was down for a couple days untill today i was able to sign in. Make sure you have alt sign in methods