Universities and OpenID
Today's post by Scott Leslie got me thinking about universities and their identity systems. The issue Scott brought up was getting all these web services to play nice with the university's system. Teachers are getting tired of the lack of functionality that's available from their LMS (I have some thoughts on that, too), so they're turning to services elsewhere that provide better features, better interaction and more flexibility. I can't say as I blame them. I heard that at a recent web usability conference the presenter referred to Blackboard as, essentially, the anti-interface. So sure, use the tools that are actually useful, and education actually benefits.
That's great and all, but it leaves the students in a bit of a lurch. That smattering of web services aren't integrated. Like at all. Suddenly a student needs accounts with Blogger, WordPress, the local wiki, Google Docs, etc. etc. etc. And then they have to link up with everyone else to make things work. Day one of class turns into a mass sign-up, sync-up session. That's not a great place to be. Scott put it aptly when he said “those nasty web 2.0 tools won’t single sign-on to my campus login system, so what are we to do?”
Well! OpenID is a pretty cool idea that just might help out. I'm not going to go into specifics, because I'd probably embarass myself if I did, but the basic jist of OpenID is having a common means of authenticating users across multiple sites. In other words, accomplishing a single sign-on, single identity for the whole web. That way when you go to OpenID-enabled site X, instead of having to create a new username and password, you say "dude, I totally already have an account at this OpenID site. I'll just use that account." Then site X says, "oh, my bad. Lemme just go check and make sure," and then "hey OpenID site, you ever heard of this dude?" Your OpenID site finishes up with a "heck yeah" and you're signed in. Once you've signed in once with your OpenID site, you're good to go for that browser session. You can log in at sites X, Y and Z without registering or even putting in your password. Cool beans.
The best news? Sites are actually starting to accept OpenID. You can use Scribd, WordPress, Plaxo, Blogger, Disqus, etc. with a single identifier. Right now.
So here's my thought: Why not make your university an OpenID provider? Schools aren't going to pass their login off to someone else (any time soon, anyway), but I can't think of a reason for them not to share that login at other sites. Let students clump all their school-related accounts into one It would be a great thing for these "edupunk" folks, if nothing else. Besides, I really like the idea of an OpenID account being tied to something more concrete than just a web site somewhere. It... feels... very natural to cluster related accounts around a single global id.
That's great and all, but it leaves the students in a bit of a lurch. That smattering of web services aren't integrated. Like at all. Suddenly a student needs accounts with Blogger, WordPress, the local wiki, Google Docs, etc. etc. etc. And then they have to link up with everyone else to make things work. Day one of class turns into a mass sign-up, sync-up session. That's not a great place to be. Scott put it aptly when he said “those nasty web 2.0 tools won’t single sign-on to my campus login system, so what are we to do?”
Well! OpenID is a pretty cool idea that just might help out. I'm not going to go into specifics, because I'd probably embarass myself if I did, but the basic jist of OpenID is having a common means of authenticating users across multiple sites. In other words, accomplishing a single sign-on, single identity for the whole web. That way when you go to OpenID-enabled site X, instead of having to create a new username and password, you say "dude, I totally already have an account at this OpenID site. I'll just use that account." Then site X says, "oh, my bad. Lemme just go check and make sure," and then "hey OpenID site, you ever heard of this dude?" Your OpenID site finishes up with a "heck yeah" and you're signed in. Once you've signed in once with your OpenID site, you're good to go for that browser session. You can log in at sites X, Y and Z without registering or even putting in your password. Cool beans.
The best news? Sites are actually starting to accept OpenID. You can use Scribd, WordPress, Plaxo, Blogger, Disqus, etc. with a single identifier. Right now.
So here's my thought: Why not make your university an OpenID provider? Schools aren't going to pass their login off to someone else (any time soon, anyway), but I can't think of a reason for them not to share that login at other sites. Let students clump all their school-related accounts into one It would be a great thing for these "edupunk" folks, if nothing else. Besides, I really like the idea of an OpenID account being tied to something more concrete than just a web site somewhere. It... feels... very natural to cluster related accounts around a single global id.
Comments
Second, I do hope OpenID can play part of a solution, and have urged institutions to consider becoming OpenID providers. Problem is - there isn't really a shortage of OpenID providers - it's OpenID *consumers* that are scarce. It looks great on paper, but too many big players are stil playing the scarcity/lockin game with their accounts (and data).
There really is a role here for a higher ed-wide push (one that is NOT shibboleth, that is outward focused and with less overhead/more traction) to engage various big industry players and create some movement on this. I still hold out hope that Educause or Internet2 or some such sized body can create movement on this. And there are some promising glimpses on the horizon. But this reamins a major stumbling block, one that for now leaves us recommending "fully open" approaches even when the arguments for them aren;t as strong as we'd like, simply to avoid this. Which is a shame, because to be stuck with so much of the internally hosted crap we end up with simply for the sake of a "single sign-on" or campus controlled authentication seems sad.