Scenario 1: Sally, a Church member, visits an lds.org-hosted ward web site for the first time
- Sally clicks Ward / Stake Web Sites at the lds.org home page.
- She sees a screen with a login box on one half and a "First Time Visitors" section on the other, where she can enter her confirmation date and membership record number. She looks up her membership information, fills it out, and clicks "New User".
- Sally is now prompted for her OpenID Identifier. Some text explains what this is and how she can obtain one if she does not have one yet. She has one, and simply types her OpenID: sally.myopenid.com.
- Myopenid.com appears in her browser and tells her that lds.org is logging her in. She clicks OK.
- She now sees her ward web site.
- Sally clicks Ward / Stake Web Sites at the lds.org home page.
- This time at the login screen, Sally just types in sally.myopenid.com and clicks Login.
- Sally might see myopenid.com come up asking her to log in so she can access lds.org, but more likely she is already logged into myopenid.com and this step will be skipped.
- Sally sees her ward web site.
Scenario 3: Sally visits a Church-related web site other than lds.org
- Sally is visiting ilikemormons.org, a fictitious site that anyone can log into with OpenID, but which offers premium services to members of the Church.
- Sally tries to visit a Church Members Only area and is prompted to log in with her OpenID. She logs in with sally.myopenid.com, which requires no additional password and is quick and easy for her.
- This is Sally's first time logging into ilikemormons.org and after logging in, the site asks her if it may ask lds.org if she is a member of the Church. She clicks Yes.
- lds.org appears in her browser and automatically recognizes who she is because she has visited before with her OpenID, and says "ilikemormons.org is asking if you're a member of the Church. May we tell them you are?" She clicks yes.
- She now sees ilikemormons.org again and sees that she has made it into the Church Members Only area.
- Sally visits ilikemormons.org again and tries to visit the Church Members Only area.
- Sally MAY be asked to log in again if the site so chooses. She types in her OpenID and clicks Login.
- She is allowed entrance into the Church Members Only area.
- The user has only one account that can be shared across all these sites, and yet no site has to know her password except her identity provider (in these cases myopenid.com).
- The user may choose to use a stronger credential than a password (like Infocard or an SSL certificate), which myopenid.com makes very easy. This is much more secure than a password as it cannot be phished, forgotten or stolen. All sites involved will still allow login perfectly with no additional effort.
- Web sites the Church authorizes (which can be a carefully controlled whitelist group or a list anyone can apply for in an automated way) may determine a person's membership in the Church.
- The Church does not add yet one more account for which users must either memorize a new username and password or, much worse and probably much more common, reuse a username/password already picked and used on dozens of other sites. Any other site that user visits could harvest those passwords and use them to spoof Sally's identity at lds.org. With OpenID, this kind of attack is much less likely because only one site has any password at all, and perhaps not even that one.
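
The membership question from Scenario 3, combined with the authorized-site list described above, can be sketched as the decision lds.org would make before answering. This is an added example, not code from lds.org or any OpenID library; `MembershipService`, its method names, the site list and the record value are all hypothetical, and the identifier normalization only covers plain http(s) URLs.

```python
from urllib.parse import urlsplit, urlunsplit

def normalize_openid(user_input):
    """Turn a typed identifier such as 'sally.myopenid.com' into one canonical URL."""
    ident = user_input.strip()
    if "://" not in ident:
        ident = "http://" + ident            # bare host names default to http
    parts = urlsplit(ident)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError("not an http(s) OpenID URL")
    # Lowercase the host, give an empty path a "/", and drop any fragment.
    return urlunsplit((parts.scheme, parts.netloc.lower(), parts.path or "/", parts.query, ""))

class MembershipService:
    """Hypothetical lds.org-side state: bindings, authorized sites, user consent."""
    def __init__(self, authorized_sites):
        self.authorized_sites = {s.lower() for s in authorized_sites}
        self.bindings = {}     # verified OpenID -> membership record number
        self.consents = set()  # (OpenID, site) pairs the user has approved

    def bind(self, openid, record_number):
        # Scenario 1: done once, after the membership check and a verified OpenID login.
        self.bindings[normalize_openid(openid)] = record_number

    def grant_consent(self, openid, site):
        # Scenario 3: the user clicked "yes" on lds.org for this asking site.
        self.consents.add((normalize_openid(openid), site.lower()))

    def answer(self, site, openid):
        """Return (decision, reason). `openid` must come from lds.org's own verified
        login session, never from a value the asking site supplies."""
        site = site.lower()
        try:
            oid = normalize_openid(openid)
        except ValueError:
            return ("refuse", "bad-identifier")
        if site not in self.authorized_sites:
            return ("refuse", "site-not-authorized")
        if (oid, site) not in self.consents:
            return ("ask-user", "consent-needed")
        # Only yes/no is disclosed; the record number never leaves this service.
        return ("member" if oid in self.bindings else "not-member", "ok")

if __name__ == "__main__":
    svc = MembershipService(["ilikemormons.org"])          # constructed sample data
    svc.bind("sally.myopenid.com", "RECORD-PLACEHOLDER")
    print(svc.answer("ilikemormons.org", "sally.myopenid.com"))  # consent not yet given
    svc.grant_consent("sally.myopenid.com", "ilikemormons.org")
    print(svc.answer("ilikemormons.org", "Sally.MyOpenID.com"))
```

Normalizing before every lookup matters here: the binding, the consent record and the query must all key on the same string, or a differently typed form of the same identifier would miss the binding or the consent.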