RSSGoogle moves to address OpenID confusion among users
By Angela Gunn | Published October 29, 2008, 2:29 PM
Acting on concerns that OpenID's a great idea but a miserable user experience, Google on Wednesday announced an API based on usability research for OpenID identity providers.
OpenID-accepting sites (aka "relying parties") using the new API can allow visitors to log in using only their Google account, with no need to figure out a new username and password. In the example given on Google Code Blog, if a visitor to an OpenID-accepting has a gmail.com address, they'd be temporarily taken back to Google and asked if she or he wished to sign into the new site using that address.
Google would also alert the user to any information that would be shared between Google and the new site. One more click and the user's back to the original site, and logged in just as if she or he had an account there.
The latter half of October has been busy for OpenID aficionados, as discussion about user-experience barriers to adoption heats up.
Microsoft added Live ID to the list of OpenID providers just this week. And some sobering user-experience data from Yahoo testing over the summer led to frank, lively, and maybe even productive discussion at the OpenID UX Summit held at the company last week.
The Google blog also noted that work continues to combine the OpenID and OAuth protocols. OAuth is designed to allow secure API access delegation; a successful combination would allow sites to share additional user information without oversharing such things as passwords. Google launched its OAuth Playground sandbox in September.
I liked MS Passport when quite a few sites use it.. Now I think only one I use lets you login with it. If I remember correctly it had security issues, but can they be any worse then this? It was less complex.. At least from what I've seen. Course, now that Live ID is added I guess it doesnt matter.
Score: 0
|Well, it *is* kind of the entire point of the OpenID spec, but you may well be happier with another provider :-) . I'm eager to see what sorts of providers we eventually end up with; I would expect some to be mainstream and some to be less so, and I predict a very viable niche for an ultra-privacy-conscious provider. Which, hey, sign me up.
Score: 0
|"Google would also alert the user to any information that would be shared between Google and the new site." LOL
Yeah.. I'm going to trust Google with keeping my information private.. Thats a laugh
Score: 0
|