If this is "over your head" right now, I would recommend to stop at this point and invest your efforts in some other fields. If you get to this task closer, you will find a lot more issues "over your head", probably a lot more than you can imagine right now.
Set aside obvious security issue, you need to clearly understand your liability. Your application should be another layer if the security schema of all application which will open all those application to any tiny exploit which you may allow to sneak in your single product. It can literally ruin the life on many your customers. Are you ready to hold responsibility for that? At the same time, I understand that you may limit your application to a set of site of your own, and make sure that all of them are not used for dealing with and overly sensitive information. But even in this case, you should understand that, in particular, the user's password can be extremely valuable. Even on a not very security sensitive site, if some malicious artist, say, get access to a password, it may give a clue for cracking passwords of the same person on other sites. However, the password problem is relatively easily solved by not storing any password anywhere, which is the usual practice.
To get a general idea on what's involved, please look, in particular, at
OpenID Foundation:
OpenID — Wikipedia, the free encyclopedia[
^],
OpenID Foundation website[
^],
OpenID Explained[
^].
—SA