Yahoo to permit others to leverage their authentication system

[yesthattom]

http://www.theurer.cc/blog/2006/09/29/launching-the-un-launch-able/

And... every phisher in the planet smiles, jumps up, and yells, “Yippie! I’m gonna be RICH!”

This is going to be a bad, bad, idea that Yahoo comes to regret ever considering.

Comments

[dossy.livejournal.com]

The truth is the phishers have been getting rich just fine before. At least now, we can legitimately take advantage of Y! services.

As my friend Joe said, "Now I can finally write the 'forward my Y! mail to Gmail' script ..." -- heh.

[rmitz.livejournal.com]

Uh, you know google basically already has the same thing, right? Anyway, I see this as a good thing, particularly since as opposed to google's which requires you have *some* access to their google account, yahoo's can just use their authentication credentials as a SSO procedure, though they're still working on the details of that.

Of course, I'm also still bitter at the 6 char google minimum, making my preferred username impossible.

[yesthattom.livejournal.com]

Google doesn't let other people use their SSO system for their own apps at this time.

[rmitz.livejournal.com]

From my reading, Yahoo's system is not significatnly different from Google Authentication at this point. Except that Yahoo's system does not require that the user give some permissions for the destination web app to access the user's data. In my reading of the google docs, it can be used for web authentication, it's not really as clean, though.

http://code.google.com/apis/accounts/AuthForWebApps.html