The Case Against OpenID: Why You Shouldn’t Implement OpenID on Your Website

Written by James GunterFebruary 3, 2011

Single sign-on is a great way to authenticate users without having to keep and track usernames and passwords for all your site members. It’s also great for users, because they don’t have to create new credentials for your site. In addition, using single sign-on plugins like Login with Facebook, Twitter, Google, and more, lower the barrier of entry for new users to join your site. All in all, single sign-on is a win-win for just about all involved. However, outside the array of social networks and email providers that provide single sign-on services and plugins, there are a few single sign-on services, like OpenID, that essentially provide the same user authentication functionality but provide a much smaller benefit to you as a site owner.

Unaffiliated Single Sign-on

OpenID and similar services allow users to create authentication credentials that are not tied to any specific social network. In the eyes of many, this is an extremely positive trait. If your login credentials are not tied to details about your social and personal life, then you are less exposed when you share those credentials with a 3rd party site. And since OpenID is free, there’s really nothing to lose, right?

De-personalized User Experience

Integrating your site with Facebook, Twitter, or other sites opens up your site to create personalized user experiences based on your users personal information and friends’ activity, pulled (with their permission) from their social network of choice. Privacy advocates love OpenID because it de-personalizes the Internet for them. However this is actually one of the worst things about using OpenID.

From a user standpoint, using OpenID is like going to a new restaurant. Since you’ve never been there before, you sit down and look at the menu and try and figure out what sounds good, eventually deciding on something that sounds nice but you have never tried before. You eat. The food is okay. You pay your bill and leave.

But if you use something like Facebook as your single sign-on, once you enter the restaurant, you see 3 other people you know there. When you look at the menu, you can see what your friends have recommended, and the waiter knows what kind of food you like already, so he gives you suggestions as well. You eat, and the food is fantastic because it’s exactly the food that you want. Then you pay your bill and let all your friends know that you like the restaurant.

In a real-life setting, the second restaurant would be an amazing dining experience. But for some reason, advocates of OpenID want to sit in the restaurant alone with no idea what to order. As a site owner, you should care about giving your users a great, personalized experience, and that’s not something that OpenID can offer.

Loss of Expanded Interaction

Beyond the loss of providing a great user experience for your users, OpenID limits your ability to market through social networks. With Twitter or Facebook connectivity, you can suggest that your users publish their activity on your site back to their social graph. If they like what you provide for them, they’ll have no problem letting all their friends know about your site as well—at the click of a button.

With OpenID, you miss out on the chance to get some great word-of-mouth marketing and endorsements out into the social community of your users. That means less new signups, less site visits, and—ultimately—less revenue.

Help Your Site Flourish

The fact of the matter is that there are many people out there who do not understand how personalization and the sharing of personal information work. Advocates of OpenID get scared when they see that a website “knows” who they are connected to through their social graph. But it’s not like there is some creepy guy on the other side of your screen looking through all your personal friends when you visit the site. There is code looking at your information, and it’s not talking to anyone. In fact, it’s impossible for the code behind these personalization plugins to share info with the site that hosts them. So there is no benefit from cutting yourself off from the personalization that social networking sites offer.

What it all comes down to is that, as a site owner, you need your site to flourish across the web. And the best way to do that is to get your content shared and passed along through social networks. Thus, implementing social single sign-ons will help you do that much quicker than using OpenID for user authentication.

Social login powered by Gigya