Mainstream OpenID?
Us techies love to talk about OpenID and the like. We complain about the idea of signing for one more bloody service.
However, OpenID has a few usability issues for non-technical folk. I can’t imagine explaining to my mum that she has to login using a domain URL. “You want me to type http://myopenidserver.com/seeg in the browser?” “No! that is your username!”.
Well, these days could be numbered. I heard that there was a lot of chatter on this topic at Social Foo, and Brad has one solution using < a href="http://yadis.org/wiki/Main_Page">Yadis as opposed to the more pure DNS, or hacky ~username solutions.
Getting my mum to use her email as a username won’t be an issue. Hopefully she won’t fall for any OpenID phishing attacks though if it becomes popular.
February 10th, 2008 at 6:14 am
Yes, dumbing down the technology instead of taking the initial time to learn it. Why does the world think our society is so lazy again?
February 10th, 2008 at 11:15 am
Yahoo’s support for OpenID 2.0 is about as easy as that standard can get… If you are a Yahoo user you just need to use ‘yahoo.com’ as your ID. Still completely illogical to the layperson but at least it is short :)
February 10th, 2008 at 6:33 pm
Not to start a flame here..but most people are not technically literate.
I agree that an email is far more suitable for most users.
I’m currently working on integrating Shibboleth into an existing application. It’s a sort of OpenID for the UK higher-education ( universities and such ). I particularly like their idea of a ServiceProvider, an IdentityProvider(the OpenID service) but also a WhereAreYouFrom service which helps you choose your identity provider.
Of course, this is within their closed system, but I think something similar could also be implemented for OpenID.
I’d enjoy a discussion about other OpenID issues, since it’s clear that it currently has some usability problems.
February 11th, 2008 at 10:23 pm
As your blog software itself says, “Spam is a pain.” Just because you want to login to a site should not allow that site to get your email address.
URLs make fine identifiers because you can’t send spam or spim to an URL. Using email addresses as identifiers are a bad idea on the public web because of the spam problem.