Most Internet users do not eat, sleep, and breathe authentication. Many don’t know what “authentication” means. Some can’t even spell the word. But everyone who has used the Internet for more than five minutes understands the feeling of overwhelming suckitude that descends when confronted by yet another web site that requires you to create an account in order to perform some trivial action (note to vendors: I don’t have to supply a username, password, my address, an e-mail account, and my birthdate to buy a toaster at Target; why do you insist on making me do it online?).

Unfortunately, although we can put a man on the moon, we can’t seem to develop any sort of single sign-on mechanism that will make online identity a less frightening concept. VeriSign is the latest company to take a crack at the problem, but they are doing so in a very limited way. VeriSign’s new Personal Identity Provider (PIP) attempts to capitalize on the growing support for OpenID by hosting a server of their own, but it’s not a replacement solution for sign-ons at e-commerce sites and financial institutions. Instead, the goal is to start with sites that have less at stake_blogs, photo-sharing sites, and wikis.

Rather than create a new account at each blog you visit, for instance, OpenID allows you to generate a unique URL that functions as your identity. You simply enter the URL, and the site communicates behind the scenes with your OpenID server to authenticate that you do, in fact, own that URL. The program is thus quite limited, but the limits may actually be a strength. Past efforts at creating a robust single sign-on (such as Microsoft’s Passport) have largely failed to live up to the hype, in part because few people want to entrust senstive information like credit card numbers to third parties like Microsoft. VeriSign’s endorsement of OpenID suggests that companies now want to start with smaller, more manageable tasks first, things with less at stake. OpenID is also a completely decentralized system with many different registrars, a move designed to alleviate fears about one company collecting too much personal information.

So what’s in it for VeriSign? Rolling out a free OpenID server doesn’t make the company any money, but they are hoping to grow the entire market for authentication products and to increase the robustness of the OpenID system.