There really wasn't anything better, is the problem. There still isn't, unless we're willing to support closed systems like Facebook Connect or Windows Live ID, which isn't really a great idea. OpenID isn't perfect, but it's better than most options, has the benefits of being easy to implement and easy to maintain, is widely adopted, and already has ongoing dialog about how to best extend the protocol to alleviate the problems that have been identified with it.
The risks inherent to OpenID are much the same as the risks inherent to using the internet -- anyone's account can be hijacked, anyone can use a service that recycles usernames, anyone can share an account login with a significant other. (Anyone can share an account login with a SO they then break up with, who takes all their data and all the friends' data they have access to and smears it all over the internet. In the six years I worked for LJ, this happened approximately four orders of magnitude more often than someone having a privacy violation traceable back to the use of OpenID.) In my measured and professional opinion, the risk associated with the use of OpenID is (less than) negligible, and spending more than a minor amount of time on mitigating those risks is a poor use of time. Some risks are inherent to life on the internet, and this really is one of them.
I have put a warning on OpenID recycling in the FAQ on granting access to people, and fu is working on adopting identifier fragments for renamed accounts' OpenIDs. Anything more than that is bad return on investment.
(And thanks for accepting the apology. I'm at the point where I'm frustrated by the discussion, because it doesn't seem to be doing anything other than retreading the same ground and as I said the risks are negligible, but I really shouldn't have taken it out on you and I promise to caffeinate and count to ten before replying to comments in the future.)
Re: It is not a trust system