OpenID in Education

November 2007

I've always really liked the idea of OpenID. But it niggles me that I'm not using it yet. If somebody like me whose is geeky and who spends a fair percentage of their life on the web hasn't got round to using it, then it's hard to believe it will take off in a more mainstream way. Each time I encounter the problem of registering for a site, it's less effort to just register than to figure out using OpenID with it, despite the fact that I know that technically I have an OpenID already. The idea of using OpenID for whitelisting is a nice one, but I'll have to wait until my friends use OpenID and web sites support that sort of thing.

I think OpenID is still interesting for education however for rather different reasons than it might be interesting outside education. Multiple usernames and passwords aren't an issue for us. We give students a username and password and tell them to use it. Most universities have sussed out single sign-on to a reasonable extent and I don't think having a university-specific username is something that keeps students awake at nights. The fact they might redirect their university e-mail elsewhere doesn't mean that they begrudge being given a username.

The problem that OpenID can solve for universities is that it is a pain to have to integrate every new bit of software with that single sign-on system. If they can link their single sign-on to OpenID, for any software that supports OpenID, that expensive job pretty much vanishes. It would also make bottom-up use of more diverse software easier (although the folk at the top who like to manage risk won't necessarily like that). From that perspective, I think it could make a genuine practical difference - it's easy to dismiss the issues related registration as solvable by administrative resources, but in practice what almost always happens in practice is the lone lecturer ends up doing it all themselves.

This doesn't solve all the problems of course. There's the issue of synchronisation of data (sounds trivial, but you really don't want to be asking students to register with their name if you want even a small proportion to match the one that they used for their university registration). Universities also like putting people in groups and restricting access of things to certain groups. This is often over-zealous, but also often reasonable. There's a pedagogical conflict between giving students a safe environment in which to make mistakes and motivating them by giving them authentic environments for their activities. There are probably ways though you could have directories of OpenIDs for different groups - and not having to worry about authentication too would make them simpler than the current systems of that nature.

I think if education does pick up on this sort of things, there could be the interesting result that it might be what pushes OpenID mainstream - if students get used to using OpenID while at university then they might start using it elsewhere. I'm not sure how quickly education will pick up on these sort of things, but it only takes one university to have a success story for others to copy.