Hi, As I build my new application I am considering centralised authentication simply because it saves me a crap load of coding, but then it has me wondering. If I use say openID, what happens if openID is down, say their server is down, or for some reason it flops and goes offline forever, it means I am left re-writing my entire membership. So now what I am thinking is allowing the consumer to choose. Have the option to login via the openID login, or flick the radio button and login with a site ID. I guess this makes me then think, I should just store the OpenID login information and throw in a check status which pings the URI to see if it is up, if it is down use the internally stored login information that was recorded during their last login/signup and added to their profile. Any thoughts on the subject would be interesting. I guess I am looking for an earnest discussion on the merits of either openID or a multi-level one? Kind Regards Dan
Think of it from a users point of view. I would either choose one, or choose the other. Messing users around with 2 methods of registering can be confusing at the best of time. From your point however it provides greater security. I would recommend you just use a login class, cuts down the code massively. Dan