Attackers can use the "Covert Redirect" vulnerability in both open-source log-in systems to steal your data and redirect you to unsafe sites.
OpenID is a solution for the log-in problem of having multiple identities online.
Webware 100 winner: OpenID
The universal log-in standard hadn't come to Facebook sooner because of security and user experience concerns, a post on the social network's blog explained.
Larry Magid talks with Max Engel of the social network about the company's efforts to promote log-in identification cooperation among various sites.
We may not see OpenID coming to Facebook Connect anytime soon, but this is a big step for the social network that many open-standards advocates once wrote off for its walled-garden nature.
PayPal has joined the OpenID Foundation Board, HealthCentral has acquired Wellsphere, and CoveritLive has received $1.2 million in funding.
The new browser extension helps identify OpenID participants and manage them across the Web. Good timing, considering Facebook Connect is about to make its big debut.
The universal log-in standard has been around for three years now. So why is Facebook Connect stealing all its thunder?
Google joins the OpenID fray with its own solution, which lets developers integrate a universal log-in for their users to sign on with their Google account.