Momentum appears to be building behind the related notions that users should have a single set of login credentials to sign into mostperhaps even allof the web sites that they frequent and that they should be able to easily move their personal data between different social networking services. These ideas have gained so much traction recently that groups like and OpenID have made many pundits’ lists of “what will be hot in 2008.” But while reports this week show that OpenID and are gaining support from giants like Google, Facebook, IBM, and Verisign, a number of lingering questions about security and privacy remain.