OpenID is an open standard that describes how users can be authenticated in a decentralized manner, obviating the need for services to provide their own ad hoc systems and allowing users to consolidate their digital identities. The OpenID protocol does not rely on a central authority to authenticate a user's identity. Moreover, neither services nor the OpenID standard may mandate a specific means by which to authenticate users, allowing for approaches ranging from the common (such as passwords) to the novel (such as smart cards or biometrics). The term OpenID may also refer to an ID as specified in the OpenID standard; these IDs take the form of a unique URL, and are managed by some 'OpenID provider' that handles authentication. OpenID authentication is now used and provided by several large websites. Providers include AOL, BBC, Google, IBM, MySpace, Orange, PayPal, VeriSign, LiveJournal, and Yahoo!. This book is your ultimate resource for OpenID. Here you will find the most up-to-date information, analysis, background and everything you need to know. In easy to read chapters, with extensive references and links to get you to know all there is to know about OpenID right away, covering: OpenID, Ajax (programming), Atom (standard), Bistro Framework, Extensible Messaging and Presence Protocol, OAuth, Open Cloud Computing Interface, Open Data Center Alliance, OpenDD, Representational State Transfer, Web of Things, Password, 1dl, 2D Key, ATM SafetyPIN software, Canonical account, Challenge-Handshake Authentication Protocol, Challenge-response authentication, Cognitive password, Default password, Diceware, Draw a Secret, Duress code, LM hash, Munged password, Numina Application Framework, One-time password, OTPW, Partial Password, Passmap, PassPattern system, Passphrase, Password authentication protocol, Password cracking, Password fatigue, Password length parameter, Password management, Password manager, Password notification e-mail, Password policy, Password strength, Password synchronization, Password-authenticated key agreement, PBKDF2, Personal identification number, Pre-shared key, Privileged password management, Random password generator, Risk-based authentication, S/KEY, Secure Password Authentication, Secure Remote Password protocol, SecurID, Self-service password reset, Shadow password, Single sign-on, Swordfish (password), Windows credentials, Zero-knowledge password proof, Federated identity, Federated identity management, SAML-based products and services, Apple ID, Athens (access and identity management service), CoSign single sign on, Credential Service Provider, Crowd (software), Digital identity, E-Authentication, Enterprise Sign On Engine, EZproxy, Facebook Platform, Google Account, Higgins project, Identity Governance Framework, Information Card, Information Card Foundation, Janrain, JOSSO, Light-Weight Identity, Novell Access Manager, OneLogin, OpenAM, OpenSSO, Point of Access for Providers of Information, Pubcookie, Shibboleth (Internet2), Sun Java System Access Manager, Ubuntu Single Sign On, Windows CardSpace, Windows Live ID, Yadis, DataPortability, Identity Commons, Kantara Initiative, Liberty Alliance, National Strategy for Trusted Identities in Cyberspace, SC 27 This book explains in-depth the real drivers and workings of OpenID. It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of OpenID with the objectivity of experienced professionals.