Today we're excited to announce that on Thursday, January 20, Yahoo! opens to third-party user authentication with Facebook and Google logins (via OpenID) across the Yahoo! Network. Hundreds of millions of Facebook and Google users will be able to easily sign in and interact on Yahoo! using their Facebook or Google IDs. This eliminates the proverbial necessity of registering for yet another new ID and remembering yet another password. From Yahoo!'s perspective, any signed-in user engaging with Yahoo! services is a valued user, whether she authenticates using a Yahoo!, Facebook, or Google ID.
By supporting user sign-in to Yahoo! through Facebook and Google, we streamline the Yahoo! user identity creation process and can further personalize user experience across Yahoo! services. Commenting on a Yahoo! News article, playing Yahoo! Fantasy Sports, or interacting with photos on Flickr -- now users can do all this with their existing Facebook or Google IDs. Returning users who are already signed in to Facebook or Google can benefit from the one-click sign-in to Yahoo!, no longer required to enter ID and password. You can initiate the one-click sign-in simply by clicking on the "Sign in with: Facebook or Google" icon on the Yahoo! login screen. You are then signed in to Yahoo!, ready to participate fully.
Many challenges remain. For example, you still wont be able to sign into a mobile or desktop client using a Google OpenID, as there are no simple solutions. You can however sign into the Flickr Uploadr, as it requires the authentication in the browser. We will continue to take the lead and work with the developer community to find solutions and define best practices. We'll stay in touch as we make progress on these fronts.
At Yahoo!, we believe that users should have a say in how they identify themselves online. Opening choice in user identification and authentication translates into richer, more flexible user experiences on Yahoo! and across the open Web. Yahoo! plans to extend this third-party user authentication functionality beyond Facebook and Google to other identity provider in the near future. Our goal is to make it extremely simple and transparent for anyone to authenticate and engage with Yahoo! with an online identity that they already have. Eliminating the need to create and remember yet another ID and password ultimately benefits the Web community - both end-users and Web site providers.
Yahoo! became the worlds largest OpenID provider in Jan 2008, after working with the OpenID community on a number of the security issues in 2007. The community was very excited. Everyone wanted to know when Yahoo! would become a relying party. People commented:
I just read that Yahoo supports OpenID, but I do not see anywhere to
use an OpenID to log into Yahoo's website.
OpenID is fairly pointless if every site wants to be a producer but not a consumer.
For Yahoo!, becoming a relying party posed a fair number of challenges which we discussed with the community. We hosted a number of OpenID Summits to collaborate on solutions for usability, desktop client logins, mobile clients, customer care, forgot password, and solution to what the identity community describes as "the Nascar problem." Many challenges still remain.
Last year we took a small step: in Oct 2010 we introduced OpenID log-in with Google on Flickr. The developer community was excited but wanted more. I could not find any way to use any of my Google accounts to log into my existing Flickr account, someone commented.
Overall we saw very good results and ironed out more issues. Now, we're opening to third-party user authentication, beginning by integrating Facebook and Google (via OpenID) across the Yahoo! Network. From Yahoo!'s perspective, any signed-in user that is engaging with Yahoo! services is a valued user, regardless of how the user authenticates.
I want to recognize the hard work that has gone into this project, including the first step of convincing everyone to move in the direction of openness. Special thanks goes out to Allen Tom. Congratulations to the whole membership team (Developers, PM, PGM, UED and QA), who've spent a lot of time and energy to insure a great experience for all our users. This would not have been possible without the efforts of the entire team.