OpenID is a decentralized user-centric identity framework, borne out of the failure of centralized schemes. It replaces dozens of username/password pairs with a single Universal Resource Identifier (URI). Let's say you wanted to have a unique ID that was under your control. You'd create an ID on an OpenID compliant identity server and add a link to it on your personal Web site, Web page, blog and so on. Thereafter, you'd use my Web address as you logon identifier on various sites. Instead of registering a separate ID on each site, you hand them your URI and the Web server you are visiting hands off the authentication to your chosen identity vendor.
How secure is OpenID? The framework is a better approach than trying to keep track of dozens of scattered IDs. As for the security of each OpenID, that depends on the identity server. You can pick and choose depending on the level of security, anonymity or convenience you need. You might have multiple OpenID handles for blogging, banking or shopping — some anonymous, some pseudonymous, some notarized, some requiring two-factor authentication with biometrics. Or, you also can use a service that auto-generates bogus throw-away IDs on-demand.
OpenID offers a Web-based interoperable, distributed and loosely coupled alternative to centralized vendor offerings such as Windows Live ID, AOL, Google or Yahoo accounts. In fact, you could base your OpenID on a Windows Live ID (Microsoft announced plans to support) or AIM ID (beta service running). More sites are supporting OpenID and there are many free (royalty free and open source) libraries implementing it.
From OpenID: User-centric identity, by Andreas M. Antonopoulos, Network World, 03/05/07.
Additional resources
OpenID.net
Resources for developers and users.
OpenID Site Registry
Listings of sites that support OpenID.
OpenID Directory
Another OpenID directory.
