OpenID is a good idea. While it may not be something you would want to use for financial sites or anything else requiring a higher level of security than your average web forum or social media site, it could potentially save a lot of time and effort on a daily basis.
The authentication protocol’s biggest shortcoming is not the lack of websites support it, since more sites would implement OpenID logins if there were enough user demand; it’s not a shortage of OpenID providers either, since many large sites offer OpenID URLS. No, the problem is the users. The average web user just can’t seem to wrap their head around the concept.
I was recently struck by an idea that might simplify the experience for non-techies. What if OpenIDs could be in the form of an email address? Everyone is familiar with email addresses, and many sites have already accustomed their users to having their email address as a login name. If you really think about it, email addresses are already what OpenID has set out to be: a persona that you connect various websites to.
Imagine if GMail as your OpenID provider. To log in to an OpenId relying website you would input your email address, be sent over to GMail to verify, and then redirected back. I think it would be a little more user-friendly, providing that OpenID-providing email services made it clear that they offered the service.
