Archive for May, 2008

Demand OpenID! is a new service which enables you to demand OpenID login support from websites you visit everyday. It’s a simple website and bookmarklet that provides a “one click call to action” for requesting support at your favorite websites.

How does it work? After you sign in for the first time, you’ll be given a bookmarklet to add to your web browser. Later, when you visit a website that asks you to log in and you wish it had OpenID support, just click the bookmarklet to have your vote recorded on the Demand OpenID website. Take a look at the demands for OpenID on Twitter. The service is unique in that it requires a user to log in with their OpenID, and publicly displays their votes on the website. It shows that these are people who have OpenIDs, and want to use them at websites across the internet.

Get started at demand.openid.net.

PORTLAND, OR and OVERLAND PARK, KS (May 12, 2008)

JanRain and Positive Networks have developed a phone-based,
two-factor authentication solution specifically designed to
support users of myOpenID. myOpenID, the most popular
independent OpenID provider, is a free, fully featured, and
secure solution for users who want their own personal OpenID
identity. The new secure authentication offering, CallVerifIDTM,
is available immediately to all myOpenID users and is based on
Positive Networks’ PhoneFactor service. PhoneFactor is the
leading phone-based authentication service and does not rely on
text/SMS messages, tokens, certificates or the installation of
hardware.

OpenID is an open standard shared identity service, which enables
users to log on to different web sites and applications using a
single digital identity, eliminating the need to create and
manage separate user names and passwords for each site. OpenID
empowers users to control when, where, and how they share
personal information.

“As the adoption and usage of OpenID accelerates across thousands
of websites and applications, it is becoming increasingly
important to provide multi-factor authentication options, said
Brian Kissel, CEO of JanRain. “Adding CallVerifID powered by
PhoneFactor to the myOpenID service provides users with the best
two-factor authentication solution available.”

The new offering is based on the award-winning PhoneFactor
technology and provides simple two-factor authentication and
identity protection with far greater security than only using
passwords. This phone-based authentication service can use any
phone (mobile or landline) as a second authentication factor.
The user enters a myOpenID username and password as usual, then
simply answers an automated instant telephone call and presses
“#”. This completes the authentication process. Complete
two-factor authentication and identity protection is instantly
enabled with no need for tokens, smart cards or certificates.
CallVerifID is currently available for free to myOpenID users in
the United States and many other countries, and as an additional
service for business clients provisioning OpenIDs to both
customers and employees.

“Adding strong authentication to OpenID must be simple,
convenient and very secure if it is to work for most people.
This rules out most traditional solutions like tokens, but is
ideal for a phone-based solution like PhoneFactor, said Tim
Sutton, CEO of Positive Networks. “We think that the marriage of
OpenID and PhoneFactor will be the first really scalable
multifactor solution”.

About JanRain:
JanRain is a leading provider of OpenID technology
and solutions. Having contributed to the development of the
OpenID specifications and written many of the open source
libraries, test scripts and sample implementations, JanRain’s
source libraries power the majority of today’s OpenID-enabled
websites. JanRain manages myOpenID.com, the most popular
independent OpenID provider for consumers and businesses. Based
in Portland, OR, JanRain was a key contributor in establishing
the OpenID Foundation and provides a full range of OpenID
enablement and provisioning services.

About Positive Networks:

Positive Networks is a leading provider of security products and
services, including the award-winning PhoneFactorTM two-factor
authentication and identity protection service, and the
PositivePROTM remote access service. Awards include:
“Best-in-Class” Service Provider by Stratecast Partners, finalist
for SC Magazine Excellence Award, AlwaysON AO100, Info Security
Product Guide Product Excellence Award winner. For more
information, please call 877-668-6536 or visit
www.phonefactor.com.

One of the most useful statistics to track the growth of OpenID is the count of Relying Parties (web sites that accept OpenID). Since launching myopenid.com nearly three years ago, we have been able to provide a fairly decent view of the RP landscape. Two and half years ago it was like Christmas every time a new site appeared. Whereas today we regularly see a 100 new unique sites a day.

Since we started providing these numbers, we’ve taken a conservative approach in what we call an RP. We strip out what appears to be purely dev testing. Anything with localhost, .local, ports other than 80 & 443 gets tossed. We also consolidate obvious related trustroots into one. For example sites like 37 signals, wetpaint and others, create many unique trustroots (which is perfectly valid), but for a truth in numbers sake we don’t count these as a separate 1000 sites, we count them as 1. Sometimes these patterns aren’t immediate obvious and we retroactively add them to a filter list. This can cause the RP count to be adjusted slightly downward over time.

At the end of April there were 13196 RP’s. At current rates, this number doubles before the kids go back to school in the fall, but I suspect we will be at a steeper growth curve before that time (more on this in another post).