If you haven't heard from OpenId yet, it is a standard to delegate authentication to third parties. I've been using the Extreme Swank openid client for a while. There are others out there but this one seems to work fine.
There are many security implications, but the idea of using my yahoo account to enter a SharePoint site sounds sexy. Not only because you don't have to create yet another account, but because the third parties will handle the maintainance and security.
To try it out I put together this simple SharePoint solution. The solution will install a feature with a openid web part and a custom log in page. As a proof of concept I set up a
site where you may log in using your openid account.
The OpenId webpart (and this project) is just an interface to the great work of the Extreme Swank client. The webpart can be configured set required information to be retrieved from the providers and you can also configure if authenticated users may be added to the visitors group.
The idea is that once the user has been authenticated we will add the new account to the forms based authentication that SharePoint is using.
If the user is entering the site for the first time, we create the fba account with the information provided by the openid provider. Most providers will share information as long as the user consents.
As the users do not need to enter a password directly into SharePoint the login page does not display the password field and automatically redirects the request. If you want to support both regular and openid accounts you can either show the password field in the custom login page or add the webpart to the oob login page.
Get the code in the Project Site.