Does Meta Filter support OpenID? June 6, 2007 9:48 AM   Subscribe

Does Meta Filter support OpenID?...and can I convert my existing account for Metafilter into an Open ID one and still keep my account history?
posted by friedbeef to Feature Requests at 9:48 AM (75 comments total) 2 users marked this as a favorite

No and n/a.
posted by null terminated at 9:56 AM on June 6, 2007


Nope and nope, unless mathowie has been keeping some strange secrets. A mefi account is just a mefi account, and is not convertible to or compatible with any other ID systems.
posted by cortex (staff) at 9:56 AM on June 6, 2007


An OpenID login option would be neat.
posted by chrismear at 10:03 AM on June 6, 2007


What account history?
posted by OmieWise at 10:07 AM on June 6, 2007


Not yet and once we do openid it'd just be an associated account for speedy logins from your openid provider
posted by mathowie (staff) at 10:11 AM on June 6, 2007


What account history?

You know, these words what we type in these boxes at the bottoms of the pages.
posted by chrismear at 10:16 AM on June 6, 2007


In the case of the OP of this thread, there's not much there that really needs saving ...

(though I'm sure every syllable is pure platinum goodness.)
posted by Dave Faris at 10:29 AM on June 6, 2007


What account history?

You know, these words what we type in these boxes at the bottoms of the pages.

We being most of us, excluding friedbeef.
posted by carsonb at 10:29 AM on June 6, 2007


Yeah, what Dave Faris said. It's a curious question to ask in the present tense as there isn't much history there.
posted by OmieWise at 10:48 AM on June 6, 2007


you seem to have enjoy the openID. A lot. What's up with that?
posted by boo_radley at 10:52 AM on June 6, 2007


Next up, a post to Mefi Music entitled "OpenID and Me in the Key of E".
posted by mr_crash_davis at 10:54 AM on June 6, 2007


Oh, I see. Sorry.
posted by chrismear at 10:59 AM on June 6, 2007


Hi, I really like pickles. Does Matt Howie send pickles to people, and if so, how can I give him my address?
posted by Deathalicious at 11:09 AM on June 6, 2007 [3 favorites]


What would be the point:

1) Letting you comment without an account but with an OpenID?

2) Letting you use username@metafilter names on random others sites?
posted by smackfu at 11:15 AM on June 6, 2007


He loves OpenID so much, he favorited his AskMe question about it. Wonder what fried beef has to do with OpenID - surely it has to relate somehow.
posted by Iamtherealme at 11:31 AM on June 6, 2007


Seconding boo_radley's question.
posted by !Jim at 11:32 AM on June 6, 2007


Not yet and once we do openid it'd just be an associated account for speedy logins from your openid provider

I think making MeFi a provider would be more useful, though of course the two are not mutually exclusive.
posted by scottreynen at 11:32 AM on June 6, 2007


Pickle of the month club?
Make mine dill!
posted by blue_beetle at 11:33 AM on June 6, 2007


I can't find anything suspicious about this user and openID. I think he just really likes it, maybe?
posted by puke & cry at 11:59 AM on June 6, 2007


You know who else didn't support OpenID? That's right: Freud.
posted by It's Raining Florence Henderson at 12:04 PM on June 6, 2007 [2 favorites]


Matt has mentioned implementing OpenID for Metafilter somewhere before (his blog?), so the question hasn't come entirely out of thin air.
posted by Aloysius Bear at 12:11 PM on June 6, 2007


Matt has mentioned implementing OpenID for Metafilter somewhere before

Here.
posted by justgary at 12:24 PM on June 6, 2007


Hmm. This looks like a turfgrass effort of some strange and previously unstudied variety.
posted by anotherpanacea at 12:31 PM on June 6, 2007


Yeah, I already setup an openID login here (but you have to associate your mefi username with your OpenID URL) which means in the future, you could just login to mefi using foo.livejournal.com if that was your OpenID URL.

But I found some glaring security thing where the credentials were sent in a URL that could be sniffed or copied, but I eventually found a way to prevent that man in the middle type thing.

So yeah, someday, speedy logins and you won't have to remember your mefi login anymore, but I don't feel like becoming a provider or letting people comment without a full mefi account.
posted by mathowie (staff) at 12:54 PM on June 6, 2007


That's too bad, because I'd trust you as a provider, Matt.
posted by Ethereal Bligh at 1:03 PM on June 6, 2007


I don't completely understand the technique, but if there are people out there advertising for it, I'm pretty sure I don't like it. /curmudgeon
posted by anotherpanacea at 1:22 PM on June 6, 2007


obligatory: you log out???
posted by quonsar at 1:33 PM on June 6, 2007


None of the pages I looked at explained clearly what OpenID actually is - they all seem to be pages of computer-generated DotCom-2.0 style Lorem Ipsum filler - "OpenID is an open, decentralized, free framework for user-centric digital identity" indeed. Apparently it's my "passport to all websites requiring a username and password" but I'm sure Microsoft once sold me something like that too. So I'm supposed to tie myself to a single "provider" who "provides" something nebulous. Gah! PROBABLY DO NOT WANT BUT UNWILLING TO TRANSLATE MARKETING BULLSHIT INTO ENGLISH TO FIND OUT.
posted by nowonmai at 1:45 PM on June 6, 2007 [5 favorites]


What nowonmai said. I don't get it.
posted by wierdo at 1:49 PM on June 6, 2007


OpenID Explanation.
posted by blue_beetle at 1:51 PM on June 6, 2007


In a nutshell, it gives you access to numerous sites by logging in at one place. For example, if you are logged in using your LiveJournal account, you might be able to use MetaFilter without logging in to it separately.

(nowonmai: that is not actually marketing bullshit, it's technical jargon. All those words actually have meaning. I used to work for a company in the digital identity field.)
posted by kindall at 2:11 PM on June 6, 2007


All this talk about pickles made me hope that there really was a pickle of the month club.

There isn't. I wish you people would stop gherkin me around.
posted by boo_radley at 2:12 PM on June 6, 2007 [1 favorite]


All this web 2.0 for its own sake stuff is kind of like...hmm, can't think of an apt simile or metaphor due to the complete lack of substance to it. Maybe like buying vitamin capsules, then opening the capsules up and dumping out the vitamins, then making a soup broth from a pile of empty capsules.
posted by Burhanistan at 2:27 PM on June 6, 2007 [1 favorite]


It doesn't sound very secure: forget that AOL or Microsoft or Metafilter can see all the places I log in... what happens when my account is compromised? It sounds like I'd lose everything: my airline account, my credit card account, all of my email accounts, and yes, my metafilter account, just because someone got one of my passwords.
posted by anotherpanacea at 2:28 PM on June 6, 2007


i'm waiting for OpenVagina support, which will give me access to numerous "sites" by "logging" into one.
posted by quonsar at 2:53 PM on June 6, 2007 [1 favorite]


The point will be moot after Google or Yahoo buys Matt out.
posted by Dave Faris at 2:56 PM on June 6, 2007




quonsar: watch out for man-in-the-middle attacks.
posted by boo_radley at 2:59 PM on June 6, 2007 [1 favorite]


boo: It's pricey. I recommend the chips & salsa one, though.
posted by dogwalker at 3:15 PM on June 6, 2007


Hmm. This looks like a turfgrass effort of some strange and previously unstudied variety.

Seconding this... something seems very fishy.

If you change his questions to statements, they read like something straight from a PR department:
MetaFilter should support Open ID. If it does, you can convert your existing account for Metafilter into an Open ID one and still keep your account history! Invest now!
And his AskMe is no better. "There are so many OpenID providers out there, what features should I be looking out for?" It's like reverse psychology. Tell people the advantages of the thing you are astroturfing by asking for them.
posted by CitrusFreak12 at 3:15 PM on June 6, 2007


In a nutshell, it gives you access to numerous sites by logging in at one place.

This seems odd to me. Most places have a cookie, so you only have to login once, so what's the benefit of OpenID?
posted by Brandon Blatcher at 3:26 PM on June 6, 2007


Upon further investigation, shouldn't someone who runs a tech website and wrote an article about OpenID back in 2006 know a little something about OpenID? So why the AskMe?

Like I said. Fishy.

Then again I could be completely and utterly mistaken.
posted by CitrusFreak12 at 3:26 PM on June 6, 2007


man, $200 oughta buy more than 12 jars of pickles. That's nuts, dogwalker.
posted by boo_radley at 3:29 PM on June 6, 2007


They're probably really good pickles, though.
posted by puke & cry at 3:39 PM on June 6, 2007 [1 favorite]


anotherpanacea, OpenID isn't owned by any one particular company. So you can choose to host your identity with one of the companies you trust. If AOL or Metafilter don't do it for ya, there are hundreds of others. (In theory. In reality, MeFi won't be acting as an OpenID server.) If you don't trust anyone and you have the technical chops you can just host your own identity with a single PHP script like phpMyID.

Brandon, it's the process of creating yet another account at each individual service or blog that OpenID helps out with. The way mathowie's talking about implementing it here won't help with registration, but that's the idea behind OpenID.
posted by pb (staff) at 3:39 PM on June 6, 2007


"All this talk about pickles made me hope that there really was a pickle of the month club."

Keep your eye on projects. That's all I'm going to say right now.
posted by buriednexttoyou at 4:03 PM on June 6, 2007


"'All this talk about pickles made me hope that there really was a pickle of the month club.'

Keep your eye on projects. That's all I'm going to say right now."


Will it be called Dill or No Dill? It could really become your bread and butter.
posted by mr_crash_davis at 4:09 PM on June 6, 2007 [2 favorites]


There's no incentive to astro-turfing for OpenID. It's going to be damn-near inescapable in the next year or so anyway.

I've been waiting to jump on it myself, after enough websites start supporting it.
posted by empath at 5:22 PM on June 6, 2007


There's a screencast video somewhere of simon williamson talking about it and he shows you how he can quickly log into three sites by just popping in a URL instead of having to login.
posted by mathowie (staff) at 5:31 PM on June 6, 2007


When are all these damn Creationists going to just give up and accept evolution instead of trying to hide behind the word "Open"?
posted by Rhomboid at 5:39 PM on June 6, 2007 [2 favorites]


If you don't trust anyone and you have the technical chops you can just host your own identity with a single PHP script

Thanks for the elaboration pb; the fact that you're defending this suggests it's actually not so bad, but something about the whole setup is counter-intuitive.

So I point my browser at metafilter.com, and when I login, it sends me back to anotherpanacea.com, where I then login to my own server. Not a bad thing, I guess, but it seems like the very generality of the process leaves it open to abuse. I'd tell amazon, metafilter, and innocuous.site the same info about my OpenID, right? Isn't there a potential for phishing, where innocuous.site doesn't send me back to my real OpenID but instead harvests my login info? Couldn't innocuous.site go look at the link I've given it, make a copy of my OpenID login screen, and then trick me pretty easily?
posted by anotherpanacea at 5:43 PM on June 6, 2007


There's no incentive to astro-turfing for OpenID

That's what makes it so strange! Why is he doing it then? I kid. It was just really odd...

There's a screencast video somewhere of simon williamson talking about it and he shows you how he can quickly log into three sites by just popping in a URL instead of having to login.

Without having to log in or without having to register or both?

I mean I just have cookies enabled and it really only takes me five seconds to type in my username and password if I'm not automatically logged in... so I'm not sure I see what the purpose behind it all is.

However, if I could use this thing to not have to register for a site, then I can see the use for such a thing.
posted by CitrusFreak12 at 5:47 PM on June 6, 2007


Heh... much like askme, I started wondering about the question so much that I realized a little googling might solve it. But this page, which gives a much clearer idea of the problem, gives solutions which I still don't understand. ("petnames"?!?) I guess I won't be an early adopter.

Hell, I'm still in awe of Google's Browser Sync, but I'd guess it's significantly less secure than whatever the OpenID folks will come up with.
posted by anotherpanacea at 5:55 PM on June 6, 2007


I saw this on waxy a while ago - "use your Yahoo! account as an OpenID". Might interest some of you.
posted by puke & cry at 6:10 PM on June 6, 2007


it sends me back to anotherpanacea.com, where I then login to my own server.

Actually, if you're already logged in (you probably are if you hit your own site or other services every day like blogging) it would just bounce over to your site, read your cookie, and pop you into the logged in state on metafilter. It actually is pretty cool once you set everything up because you can forget about half a dozen passwords.
posted by mathowie (staff) at 6:10 PM on June 6, 2007


Here's that screencast I was talking about. It should explain pretty much everything. It's a minor convenience feature in the end.
posted by mathowie (staff) at 6:12 PM on June 6, 2007


CF12, that blog post you linked is about ClaimID, which is different from OpenID (although apparently it supports OpenID as a way of logging in).
posted by Partial Law at 6:17 PM on June 6, 2007


It doesn't sound very secure: forget that AOL or Microsoft or Metafilter can see all the places I log in... what happens when my account is compromised? It sounds like I'd lose everything: my airline account, my credit card account, all of my email accounts, and yes, my metafilter account, just because someone got one of my passwords.

In practice, everybody uses the same password at every site anyway, so it's not appreciably less secure.

But yeah, don't expect to see any banks supporting it. It's mostly for blogs and social sites at this point. Perhaps some online merchants -- if it can save me filling out my name and address a gazillionty-leven times, I'm for it.
posted by kindall at 6:31 PM on June 6, 2007


It actually is pretty cool once you set everything up because you can forget about half a dozen passwords.

But I forget that many already!
posted by jessamyn (staff) at 6:57 PM on June 6, 2007 [2 favorites]


"I can't find anything suspicious about this user and openID. I think he just really likes it, maybe?"

Yeah I really do :) Trying to see how many of the sites I like I can link together so it creates an online identity.
posted by friedbeef at 6:58 PM on June 6, 2007


And then the astroturfing!
posted by mr_crash_davis at 7:41 PM on June 6, 2007


Blast! Foiled again! Damn you, Partial Law!
::twirls mustache::

And then the astroturfing!

And then the spankings!
posted by CitrusFreak12 at 8:18 PM on June 6, 2007


And the oral sex!
posted by Meatbomb at 2:38 AM on June 7, 2007


It actually is pretty cool once you set everything up because you can forget about half a dozen passwords.

The curmudgeon in me says, if you can't memorize half a dozen passwords, then you shouldn't be allowed on the internet. and doesn't everyone have about 3 or 4 internet passwords, each used for different levels of security i.e. the metafilter password isn't the same or as complex as my banking password?

And have you seen kids these days? Can't memorize for shit, they're so used to just hitting a speed dial button of their cell. Why back in my day, we had to build our own cell towers before making every call. In the snow. Uphill. BOTH ways.
posted by Brandon Blatcher at 4:12 AM on June 7, 2007


It actually is pretty cool once you set everything up because you can forget about half a dozen passwords.

It's not just about the passwords. I'm more interested in the fact that it's a single identity, meaning that if for example - MeFi and Wikipedia were both on OpenID, I may be able to tell that a user although new to MeFi had already done 2000 approved edits in Wikipedia and thus be a credible user, and thus potentially be more trustworthy in any given community
posted by friedbeef at 5:37 AM on June 7, 2007 [1 favorite]


Assuming, that is, that both MeFi and Wikipedia made their users' OpenID URLs public, which would not necessarily be the case.
posted by chrismear at 5:39 AM on June 7, 2007


Thanks for the screencast. I follow a little better now, though phishing still seems very likely. I'd want to maybe see how Firefox integrates it to manage the whole kaboodle. I'd also like to see some sort of alternate path built in, so that, for instance, account loss could be backstopped by rerouting everything to a new provider, the way most sites will remail your password if you forget.
posted by anotherpanacea at 5:43 AM on June 7, 2007


The curmudgeon in me says, if you can't memorize half a dozen passwords, then you shouldn't be allowed on the internet.

My point was of the 50 logins on different systems I have to remember and use, thanks to openid, I can forget about half a dozen of them, which is nice.
posted by mathowie (staff) at 6:59 AM on June 7, 2007


If you're setting up your own OpenID provider, this is a great, simple openID test page.
posted by Skorgu at 8:19 AM on June 7, 2007


And the oral sex!
See, sometimes pointless MeTa threads do wendell.
posted by nowonmai at 9:05 AM on June 7, 2007


See, sometimes pointless MeTa threads do wendell.

This thread delivers


orgasms.
posted by spiderwire at 9:44 AM on June 7, 2007


I very rarely run into anyplace that actually uses OpenID, despite having my id all set up and ready to use.
posted by smackfu at 9:52 AM on June 7, 2007


I very rarely run into anyplace that actually uses OpenID

We ran into the same problem at OneName. Fortunately, OpenID isn't a company, so it won't go out of business for it like OneName did...
posted by kindall at 11:58 AM on June 7, 2007


Well, I wouldn't stake my life on it but I wouldn't mind having a bet that friedbeef has some sort of steak in this.
posted by tellurian at 5:42 PM on June 7, 2007


I like the idea of being able to use openID, for what it's worth. Not a huge priority though, since I leave most off shit logged in all the time anyway.
posted by !Jim at 10:10 PM on June 7, 2007


« Older FPPt   |   Cut short in its prime. Newer »

You are not logged in, either login or create an account to post comments