Who owns and controls OpenID?

OpenID was created in the summer of 2005 by an open source community with the goal of finding a solution to a problem which was not easy to solve with the existing technologies at the time.

OpenID is a completely decentralised service that nobody owns. At present, anyone can choose to use OpenID or create his or her own OpenID provider service for free and without needing approval by any specific organization.

The OpenID Foundation was created to help the open source model and provide a legal entity to host OpenID and promote OpenID support and expansion worldwide.

What websites support OpenID?

There are a great number of websites that offer access to their services with OpenID:

• Blogger
• 37 signals (basecamp, highrise, backpack, campfire)
• Daily Motion
• Source Forge
• Get Satisfaction
• Stack Overflow
• ...

You can get a much more complete and up to date list here.

OpenID related links of interest

• http://openid.net - OpenID Foundation Website
• http://en.wikipedia.org/wiki/OpenID - OpenID article on Wikipedia

Identification on LonelyID

LonelyID identification can be done in two ways, either by visiting LonelyID's homepage or during an external website's identification process.

Identification on the LonelyID homepage

In order to identify yourself on the homepage, you will have to visit: www.lonelyid.com and enter your LonelyID identifier as well as your password in the identification box. Once you are identified on the homepage, and throughout your session with the same web browser, you will not have to enter the password again or even during the authentication processes originating from external websites.

Identification from an external website or service

On the external website, you must enter your LonelyID identifier in a manner similar to the following:

During the identification process on an external website and only when you have not previously identified yourself on LonelyID in the same session, you will just have to enter a password given that you already entered the identifier on the external website.

If during the identification process in LonelyID you tick the checkbox "Keep me connected for the next 4 hours", the session in LonelyID will remain active after completing identification on the external website. If this is not the case, this identification will only be valid for this authentication and the next time you access this site or another external website, you will have to enter your password again.

NOTE: During the identification process on an external website, in some cases and depending on the external website's own parameters, we will request your LonelyID Identifier in addition to your password. This is a normal operating mode which some external websites, such as Facebook, have implemented. It is not very common when using OpenID and does not mean that LonelyID is malfunctioning.

Additional authentication of an external website or service with your LonelyID identifier

When you are requesting access to an external website using the LonelyID Identifier and once you are identified on LonelyID, you must confirm your access to the website in question. It will always be necessary to confirm your access the first time you access a website.

On this page, we display the website you are attempting to access and you have the option of allowing or rejecting access to that website.

If you tick the checkbox "Do not ask again when accessing [WEBSITE ADDRESS]" we will not show you this screen again when you access this website. When ticking that checkbox, you are indicating that you want to be authenticated automatically when accessing the website in question. If you do not tick this checkbox, you will have to confirm your access at each authentication instance on this website

It is only necessary to open the LonelyID Mobile app and tap on the information icon located on the lower right hand area of the screen.

A small window with information about LonelyID will open from that screen and at the end of the text you will be able to see your mobile's data.

Verify that the data is an exact match with the data you received by email. This will confirm unequivocally that you are truly the person who is activating your mobile’s matching key and that no one has attempted to register with a key from another mobile using your username and email address.

Recent activity

In the recent activity table, you can see all activity that has taken place with your LonelyID Identifier in the last six months. You can see the following types of events:

Identification events in LonelyID

• Identification on LonelylD: Means that you have initiated a LonelyID session by entering your password properly.
• Erroneous identification on LonelylD: Means that you attempted to initiate a LonelyID session with an incorrect password.
• Identification with deactivated account: Means that you attempted to initiate a session in LonelyID when the Identifier was deactivated or cancelled. This can occur if your mobile is lost or stolen and someone attempted access with your Identifier after you cancelled it.
• Disconnection from LonelyID: Means that you correctly ended a LonelyID session using the “Logout” link.
• Disconnection from LonelyID due to inactivity: Means that a LonelyID session was ended automatically due to having reached the maximum inactivity period; in other words, not having carried out operations with your Identifier for a specified time period.

Events related to LonelyID key management

• Generation of a new LonelyID key: Means that the creation of a new LonelyID key has been requested from your mobile phone.
• Activation of LonelyID key: Means that a new LonelyID key has been activated by verifying the link that you received in your email.
• Cancellation of LonelyID key: Means that a LonelyID key has been cancelled.

Events related to authentication on websites

• Permitted access to a website: Means that access to a website using the Identifier has been authenticated. This event is generated in each permitted access to a site, regardless of whether the authentication was performed manually or automatically.
• Denied access to a website: Means that access to a website from the access confirmation page has been denied once you were already identified in LonelyID.
• Cancelled access to a website: Means that access to a website has been denied before being identified in LonelyID.
• Automatic authentication assigned to a website: Means that you have confirmed that you would like access to a website to be authenticated without showing the confirmation screen for each access. This event can be generated when confirming access to a site if you tick the checkbox “Do not ask for password again when I access..." or rather when you change authentication from "manual" to "automatic" from the configuration page.
• Revoked automatic authentication to a website: Means that the authentication type has been changed from “automatic" to "manual".
• Time expired without completing a website’s authentication: Means that the maximum wait time at one of the screens in which you must enter data during a website’s authentication process has expired.
• Automatic disconnection through authentication in a website: Means that the session in LonelyID has ended automatically by completing an authentication process on a website (because you did not tick the “Stay connected” checkbox during identification).

Event information related to authentication on websites is only saved when access to a website has been accepted at least once. In this way, if you attempt to access a website for the first time and cancel the process before its completion, you will not see any events related to this site.

Your sites

In the table containing your websites, you can see a list of all the websites you have accessed (or attempted to access) in the last six months with your LonelyID Identifier in descending order according to the date of the last event related to the site. If you click on any of this table’s rows, you will be brought to a page where you can see details of all events related to this website.

Site activity

In this table, you can see all events related to authentication attempts to this website.

From this page, you can also change the website authentication type: the "manual" option (you will have to confirm each access to websites at the time you want to access them) or "automatic" option (access requests to this website will be accepted automatically).

When accessing this option from the installed application on your mobile, you will be automatically redirected to the LonelyID.com website. This redirection will activate the automatic login process in LonelyID in a way that is totally secure and transparent.

Once the mobile has gone through the automatic authentication process, it will show you a list with all the websites that you have accessed recently with your LonelyID Identifier. Most recent websites will be displayed first. All you have to do is click on the website you would like to visit to browse there directly.

In order to help facilitate your identifier’s handling (youridentifier.lonelyid.com), your LonelyID identifier will be copied into the iPhone’s clipboard. In this manner, if the website you want to access asks you to enter your OpenID identifier, you will just have to paste the clipboard's contents and you will save yourself the effort of keying in your identifier on your mobile.

For proper authentication, your mobile phone needs to be synced as accurately as possible with the LonelyID authentication server's internal clock. If timing between these two points (your mobile and the LonelyID server) is not well synced, problems during the login or password validation process can occur (You can read "How does authentication work?" to learn more about the authentication process used on LonelyID).

In certain circumstances, this synchronization could be lost (for example, as a result of your changing your mobile telephone’s clock). If this happens, LonelyID Mobile has a manual sync process:

• Open the app’s context menu, tapping the symbol.
• Select the synchronize option that will allow you to re-establish synchronicity between the mobile and the LonelyID server.

This synchronization process will require an available Internet connection from your mobile. For greater sync effectiveness, we recommend you to be connected to WIFI , 3G  or Edge . This will avoid potential problems caused by connection delays.