You don't have to type your password as often, remember as many passwords (if you would use different ones for different sites), or keep passwords in sync (if you would use the same password at many sites).
All the sites I visit remember my password. My browser remembers my password on top of that. My browser is synced to all my other browsers, etc.
Given the StackOverflow example, it would take exactly 5 seconds to type in my usual username and unsecure password and start using the site. The whole Open ID thing seems like a hell of lot more work.
I can type those strings in my sleep, what string to do I type in login to an OpenID site? Oh, you mean I have to find that string somewhere? Probably typing in a lot more than 2 strings to sign up for it? Yeah, I thought so.
You might I'm being purposely difficult -- and maybe I am. But I'm an intelligent user, I visit hacker news, etc. Imagine rolling this out to your average web user? Good luck with that.
Why should we let "the average web user" hold everyone else back?
You might I'm being purposely difficult -- and maybe I am.
I'm not, but I agree that you are. Sometimes times change. You are probably one of the people that adds that "Stop HTML Email" ribbon to your mail signature because the first mainframe you used didn't let you send formatted email. It's not 1960 anymore.
Hold everyone back from what? Technology for technology sake? Why do all this? For security? So nobody can hack into my flickr and look at my pictures of my kittens? For convenience? I have to sign up to some completely unrelated service so I can login to your site?
The average web user isn't going to give a crap, and honestly neither do I. And I generally love technology for technology sake.
And don't get me started on how horrible HTML email is... ;)
Your Flickr account security probably matters to you a lot more than you think. Plenty of people thought the security on their Facebook accounts "didn't really matter", then 4chan got hold of a bunch and used them to totally destroy people's reputations with their real-life friends: http://thecoffeedesk.com/news/index.php/2009/08/22/4chan-hac...
You have to sign up for some completely unrelated service to receive the "validate your email" link. So OpenID is nothing new in this respect; you have always had to have an unrelated service to sign up for websites.
The point now is that every site you visit doesn't have to have your password and email.
A lot of Web 2.0 sites don't even bother validating your email anymore -- such as hackernews, reddit, etc. They have a username and password that isn't connected to anything. That works for me.
And I don't have to signup for some completely unrelated service to receive an email -- everybody already has email.
