Given the pain that went away with having a permanent "home" online, I've been eyeing the OpenID activities with keen interest. While I'm semi-OK with site-specific logins for things like banking and other sensitive data, I'm thoroughly sick of having to create a login for every single forum, discussion group, etc. that I want to participate in or non-critical site I want to use.
OpenID gives you a single URL that you use as your identity on other sites. It's secured with a password. The site you're wanting to use just has you enter your OpenID and they use your OpenID server to authenticate. Next thing you know, you're using the site as "you" without a new account somewhere.
If you're looking to just have an OpenID for yourself and maybe one or 2 other people, phpMyID is a nice, simple solution. I've had installing it on my TODO list for quite a while and finally got around to it last night.
It comes with a core class that you include into each identity that you want the server to handle. The identities are each in their own PHP file, named whatever you want. If you're only going to serve up one OpenID (like I am for right now), you can name it openid.php. Anyone else who wants to use my server will get a similar file, named username.php, etc. I named mine this way to have an easy to remember and nice-looking URL.
At any rate, in the openid.php file, there are a few things you need to change, including the username and the password. However, rather than just storing the password in the file, you actually store an md5() hash that you send in instead.
To generate the appropriate string to use as a password, you need to md5() a combination of things, strung together with colons between them. I just made a one line PHP script that spits out the appropriate value to put into the script.
I put the result of that in as the "auth_password" and set the rest of the stuff to fairly obvious settings. I then put the openid.php file on my personal subdomain: j.wynia.org. So, my new OpenID URL is: http://j.wynia.org/openid.php.
Once you think you've got your OpenID set up properly, you can test it out via the test script at OpenIDEnabled.com. I just gave it the OpenID URL above and logged in without any glitches.
Overall, I like this approach a LOT better than the more centralized models for single account signon because I can control it. It's not going to go away because some startup decided to spend all of their money on massages for employees' pets and went bankrupt.
I still need to integrate the autodiscovery into the site properly, but the test login works, so I'm happy.