Today we're excited to announce that on Thursday, January 20, Yahoo! opens to third-party user authentication with Facebook and Google logins (via OpenID) across the Yahoo! Network. Hundreds of millions of Facebook and Google users will be able to easily sign in and interact on Yahoo! using their Facebook or Google IDs. This eliminates the proverbial necessity of registering for yet another new ID and remembering yet another password. From Yahoo!'s perspective, any signed-in user engaging with Yahoo! services is a valued user, whether she authenticates using a Yahoo!, Facebook, or Google ID.
By supporting user sign-in to Yahoo! through Facebook and Google, we streamline the Yahoo! user identity creation process and can further personalize user experience across Yahoo! services. Commenting on a Yahoo! News article, playing Yahoo! Fantasy Sports, or interacting with photos on Flickr -- now users can do all this with their existing Facebook or Google IDs. Returning users who are already signed in to Facebook or Google can benefit from the “one-click” sign-in to Yahoo!, no longer required to enter ID and password. You can initiate the “one-click” sign-in simply by clicking on the "Sign in with: Facebook or Google" icon on the Yahoo! login screen. You are then signed in to Yahoo!, ready to participate fully.
*Watch a screencast showing the user flow of logging into Yahoo! with a Facebook ID..
*Watch a screencast showing the user flow of logging into Yahoo! with a Google ID.
Many challenges remain. For example, you still won’t be able to sign into a mobile or desktop client using a Google OpenID, as there are no simple solutions. You can however sign into the Flickr Uploadr, as it requires the authentication in the browser. We will continue to take the lead and work with the developer community to find solutions and define best practices. We'll stay in touch as we make progress on these fronts.
At Yahoo!, we believe that users should have a say in how they identify themselves online. Opening choice in user identification and authentication translates into richer, more flexible user experiences on Yahoo! and across the open Web. Yahoo! plans to extend this third-party user authentication functionality beyond Facebook and Google to other identity provider in the near future. Our goal is to make it extremely simple and transparent for anyone to authenticate and engage with Yahoo! with an online identity that they already have. Eliminating the need to create and remember yet another ID and password ultimately benefits the Web community - both end-users and Web site providers.
Yahoo! became the world’s largest OpenID provider in Jan 2008, after working with the OpenID community on a number of the security issues in 2007. The community was very excited. Everyone wanted to know when Yahoo! would become a relying party. People commented:
“I just read that Yahoo supports OpenID, but I do not see anywhere to use an OpenID to log into Yahoo's website.”
“OpenID is fairly pointless if every site wants to be a producer but not a consumer.”
For Yahoo!, becoming a relying party posed a fair number of challenges which we discussed with the community. We hosted a number of OpenID Summits to collaborate on solutions for usability, desktop client logins, mobile clients, customer care, forgot password, and solution to what the identity community describes as "the Nascar problem." Many challenges still remain.
Last year we took a small step: in Oct 2010 we introduced OpenID log-in with Google on Flickr. The developer community was excited but wanted more. “I could not find any way to use any of my Google accounts to log into my existing Flickr account,“ someone commented.
Overall we saw very good results and ironed out more issues. Now, we're opening to third-party user authentication, beginning by integrating Facebook and Google (via OpenID) across the Yahoo! Network. From Yahoo!'s perspective, any signed-in user that is engaging with Yahoo! services is a valued user, regardless of how the user authenticates.
I want to recognize the hard work that has gone into this project, including the first step of convincing everyone to move in the direction of openness. Special thanks goes out to Allen Tom. Congratulations to the whole membership team (Developers, PM, PGM, UED and QA), who've spent a lot of time and energy to insure a great experience for all our users. This would not have been possible without the efforts of the entire team.
Naveen AgarwalDirector of Engineering, Membership Team
27 Comments
Congrats everyone who rocked on this!
Great news! Moving forward, I hope Yahoo will be opening up this restriction on openid providers! Open standards become more awesome when they're supported in an open fashion. Does Yahoo plan on allowing openid in general or is the plan to restrict it to these two providers?
OK I like the sound of that dude.
http://www.anon-tools.edu.tc
YES!
Great news, this is a huge step towards making Internet identities truly portable and interoperable! If a major site like Yahoo is able to accept 3rd party identities, then any mainstream website should be able to do it as well! Congrats team!
Congratulations…you did a good job guys!
This is definitely good stuff! Congrats to the team. :)
Andy, can you explain what happens when my Facebook ID gets cancelled? How do I access my yahoo account?
Facebook has no customer service and does not allow disputes when they cancel your account.
How can I trust OpenID when they are run by companies like Google and Facebook?
finally something new..something wise,….something that doesnt take a rocket scientist to figure out….amen!
congratulations. This is earth shattering news.
Thank you
great post Andy!! I really like how you incorporated user comments. Congrats on the launch. it's a huge step in the right direction. :)
We are live now.
To pfuggy,
One way to ensure that you can access your Y! account (connected to your Facebook account) is to upgrade it by going through our "Yahoo! ID Upgrade" flow (simply initiate it by clicking on Y! Mail).
Once you obtain an YID and password, you no longer depends on your Facebook account to sign in to Yahoo! You can then sign in to Y! through either your Facebook account or Yahoo! (ID) account.
Although I agree with the benefits of these, there remains a downside to this. If your one account is hacked, none is safe.
Can I link my existing account at gmail with my yahoo account?
to: sebakraus Yes you can. When you click on Google button and agree to the permissions, you will see a "mini reg" page with your name, birthday on it. On the upper right corner there is a link "Already have a Yahoo! ID". Click on that and login with your Yahoo account to link them.
Uh, so I can log into my Y! email account using my Facebook credentials? Do I understand that right?
If so, I have a concern. What happens if someone aqcuires my Facebook login information (of which the username is my Y! email address naturally) and the password is not as complicated as I made my Y! mail password because I consider it 'not as bad' if someone breaks into my Facebook account than if someone breaks into my email account.
However, if someone hacks the Facebook server or through some bug can get the Facebook login data of people in their hands, can they use that to access my email? That's scary. Or is it only possible to make comments to the Yahoo! page/articles using the Facebook login? I'd like to have some more information on that please. What exactly can and cannot be done if you log into Yahoo with your Facebook credentials?
My opinion about it:
http://www.vectorash.ro/2011/yahoo-mail-using-facebook-google/
Help please! I tried to log-in using my Google account ID and Pass, but it connects with the Yahoo mail account I no longer use. Can you please tell me how to connect my Google account ID to my desired Yahoo account? Thanks
The solution is to start considering it as "bad" for your Facebook login to be compromised; many sites use Facebook Connect, and those are open to whoever cracks your Facebook. (Plus they might do something socially damaging on the face book itself, like befriending all of your evil exes and nudging the guy who used to pick on you in high school…)
Hi Andy & Naveen,
What happens if say my Facebook account is compromised? So then my Yahoo account is compromised too, right? So how safe are we?
Appreciate your response guys.
Thanks, Shashi.
I have tried to link my Flikr account to my facebook and google and everything messed up, I get 2 new flickr account (unwanted and useless for me) now I had deleted one but guess what? The google one (that I deletd and still appears) switchs with my real Flickr can any one help me please
Seems quite intresting but may be it will more successful if they update their infrastructure to allow users to use this on developers site.
http://www.apnaghost.com
another privacy issue,what conglomerate has taken this over ?
I've been trying to log into my blog (run by disqus) and when I dlck on Yahoo and click login, I get a pop up that used to say AGREE, now says error. All my comments and likes r on this page. How do I resolve the issue
To krissync2001, can you please try sign in with your Yahoo! ID on Disqus again? There was a temporary service outage Sun Dec 11.. The issue has been resolved since then.