Update: Yahoo to support OpenID single sign-on

People with a Yahoo user name and password will be able to use that ID information to access non-Yahoo Web sites that support the OpenID 2.0 digital identity framework, reducing the amount of different log-in information people need to create, remember and enter online.

Already, almost 10,000 Web sites support OpenID, an open framework available for free to end users and Web site operators alike, according to the OpenID Foundation.

Yahoo's move will triple the number of OpenID accounts to 368 million by adding its 248 million active registered users to the rolls, the company said Thursday.

OpenID addresses one of several issues related to giving people more control of their online activities. Other groups are focusing on data portability, to let people move around the data and content they create online, so that they don't have to enter it manually in, say, every social-networking site they sign up for.

Yet other initiatives, like Google's OpenSocial, aim to create standard interfaces so that developers can create applications that run in multiple social-networking sites, instead of having to rewrite the same application multiple times for every site.

For all of these initiatives, it's critical for major Internet players to get involved, so that the benefits of standard technology and methods developed by groups like OpenID can have a real-world impact.

Unsurprisingly, in Thursday's statement, Scott Kveton, the OpenID Foundation's chairman, hailed Yahoo's support as a crucial validation of the framework that will help spur its adoption by other large Web site operators.

Other major players that have expressed interest and gotten involved in varying degrees with OpenID include Google, Six Apart, AOL, Sun, Novell, and Microsoft.

Yahoo users will be able to take advantage of OpenID in two ways, Raj Mata, Yahoo's membership director, said in an interview.

The first is through the traditional OpenID authentication method: a unique URL string in the format http://me.yahoo.com that will be assigned to each Yahoo member and which they can enter into the log-in prompt in OpenID-supporting sites. That URL string will start with http://me.yahoo.com and be followed by a unique identifying word, Mata said.

On Jan. 30, Yahoo members will be able to retrieve their OpenID URL by going to the Yahoo/OpenID site. The OpenID URL will be assigned by Yahoo, but users will be able to change the unique part of the string to a word of their choice, Mata said.

The other way in which Yahoo users will be able to take advantage of OpenID is in sites that, in addition to the URL string, will also embed a conventional Yahoo log-in prompt on their site. In those cases, Yahoo users will simply need to enter their Yahoo user name and password to log in. The information will be verified on Yahoo servers and, once authenticated, Yahoo will inform the external site that the person is a Yahoo user. The external site doesn't see any log-in information, Mata said.