After I wrote this post I discovered some things about another ID system which may be better than the one here. See my post: OpenID vs. BrowserID.
Do I want users of my app to have the standard username, password and email — and be required to verify their ownership of that email address during registeration? Or, do I want to use OpenID — where the user has a username and email — and, verification of authenticity gets delegated to OpenID?
A CodeIgniter wiki post suggests both be used. As a matter of fact most websites use both.
- A user may be more comfortable the standard way.
- A user may be unable to do OpenID registration because of a bug.
- OpenID may become obsolete.
Note: OAuth is a standard which is related to OpenID. Consider implementing it also.