Sunday, May 31, 2009

Federated authentication - Gmail and Facebook

Facebook now supports "linked" Gmail accounts, by which they mean OpenID 2.0 authentication.

I linked my FB and Gmail accounts, so now as long as I'm logged in to Gmail I can use FB without additional authentication. The link process also grants FB access to my Gmail address book -- for better or worse. Facebook will also accept an OpenID URL.

I swear I saw evidence of a Gmail specific OpenID URL recently, but I can't recreate it. Google has not yet officially released an official OpenID URL for Gmail accounts they are available, oddly, via Blogger.

This can't come fast enough. This kind of authentication means I can use a robust password with Google and not have to maintain a large number of complex passwords. It also means I can integrate account information without having to (unthinkable) share my Gmail/Google account password.

Now if Google would only accept more robust forms of authentication than mere passwords ...

Update 8/31/09: This only worked for a few weeks, then it stopped working. I also experienced a possibly unrelated increase in the need to reauthenticate. I'm not surprised this sort of thing doesn't work at first -- the cooperation requirements are very steep.

No comments: