Email is exactly the same as OpenID in this regard. Your forgot-which-OpenID-was-used could be compared to forgetting which email address was used. And this is, actually, popular. It's just a hype that everyone's talking about OpenID - totally forgetting that traditional systems have the same problems.
If you're doing it right - by having one primary OpenID URI (per identity) - you won't really forget what your OpenID is.
> Most users aren't going to read that stuff.
Nor passwords, nor OpenID were ever intended to work around this kind of problems. And I doubt there's any solution at all. Users will always forget all sort of things, use and reuse totally insecure passwords, keep their backdoor open wide with silly "password recovery" questions anyone could guess, leak all kinds of sensitive information and whatever else they could do wrong.
Sadly, "OpenID sucks" became a meme. And this is the main reason why OpenID suck now.
Email is exactly the same as OpenID in this regard. Your forgot-which-OpenID-was-used could be compared to forgetting which email address was used. And this is, actually, popular. It's just a hype that everyone's talking about OpenID - totally forgetting that traditional systems have the same problems.
If you're doing it right - by having one primary OpenID URI (per identity) - you won't really forget what your OpenID is.
> Most users aren't going to read that stuff.
Nor passwords, nor OpenID were ever intended to work around this kind of problems. And I doubt there's any solution at all. Users will always forget all sort of things, use and reuse totally insecure passwords, keep their backdoor open wide with silly "password recovery" questions anyone could guess, leak all kinds of sensitive information and whatever else they could do wrong.
Sadly, "OpenID sucks" became a meme. And this is the main reason why OpenID suck now.