A Simple OpenID Proposal

Earlier this week, Chris Messina had an excellent post on some problems with OpenID. One of the main problem identified in the post is the fact that there are so many choices when it comes to an OpenID provider that the basic login page becomes a nightmare. As an example, he showed the StackOverflow OpenID Login page.

Login With OpenIDAs you can see, there are a lot of options to choose from. First, you can enter a URL if you know it, or you can click one of the four “major” providers. There is also another list of smaller icons for other providers, mostly blog platforms and other services.

Within Chris’ post, it was argued that for some people, they only want to see the Google button because that is the type of account that they have. Obviously, we cannot default only to Google, so how do we change the login to make things work for everyone?

Chris presents cases for having choice and limiting choice, and does recommend more of a discovery style of authentication and only having one button for OpenID as a whole. However, I think he is applying something very technically appealing that nobody outside of technology would ever use. Before I am called an infidel and moron, let me explain.

First, let me say that Chris has probably forgotten more about online identity than I have learned at this point. So, this is written more from the user perspective. If we want OpenID to become the “one true login”, we need to make it simple. I mean really dumb simple. Chris was right on this, we need a button. However, one big OpenID button does not mean anything to my non-technical friends. What button would make sense? I am thinking that we do need some choice, but we only need about 3 choices.

First, to keep the technical people happy, there will be a Google button that will prompt you for your Google id. OpenID can hook into Google FriendConnect in order to actually authenticate.

Second, to keep the younger generations happy (i.e. those under 45 yrs old), there will be a Facebook Connect button that prompts you for your Facebook id. As with the Google scenario, OpenID can hook into Facebook Connect for the authentication.

Lastly, to get almost everyone else on the internet, we include a Yahoo button that prompts for your Yahoo id. Granted, we need Yahoo to come up with a “friend connect” API, and then OpenID can hook into that API.

By including these three user communities, we have targeted at least half a billion accounts. There is probably a lot of overlap in the user communities as well, but if we assume even 300 million distinct users, that is a really good target for mass adoption.

Of course, people will complain that MySpace, AOL, Hotmail and others are not included. With any technical solution, you will never completely solve the problem, and you will never make everyone happy. AOL has been working on opening up a little, so they could probably strike an “identity deal” with Yahoo where Yahoo accepts AOL accounts or something of that nature. MySpace supports OpenSocial, so they could probably work with Google. That leaves Hotmail as the outsider. I would guess that most real users of Hotmail are likely users of MySpace or Facebook, so maybe they just need to use a different service for OpenID purposes.

This is obviously oversimplifying the problem some, but there is a definite path we could take. The three providers I identified are defintely leading the way in traffic for various demographics. Are we alienating some internet users? Sure, there are always some people that will not be happy. However, this might give us enough coverage for 80% of the people that use more than just one site. That is all we should care about anyway.

Image courtesy of Chris Messina on Flickr.

5 thoughts on “A Simple OpenID Proposal

  1. I am not quite sure why you want the login (via OpenID) to be connected to some “connect” mechanism. Except for Hotmail and Facebook, all the mentioned companies are OpenID providers. MySpace even has a “connect” feature – MySpaceID.

    I think Chris’ proposal of just one button might work. He calls it “sign in” and it features the OpenID logo. It can be discussed if there should be the OpenID logo, but the idea is great. Have discovery in the background and it becomes unimportant what providers users have. It can be email providers, Facebook, MySpace, Bebo,… the discovery mechanism will detect it, resolve it to an OpenID and users will be logged in. “sign in” is the perfect description of such a button.


  2. Carsten,

    The basic idea is that OpenID is unknown for most people. Techies know it, but that is not the real target in the end, unless I misunderstood what Chris was talking about. The Google and Facebook “connect” mechanisms are already spreading quickly and seem to be fairly well accepted so far. By hooking OpenID and these together, OpenID can ride the wave of buzz they generate.

    Like I said, I am definitely oversimplifying, but I think we need to if we go for the mainstream. Discovery is also rather difficult, and is not nearly as well known as the already implemented “Connect” methods.


  3. Well, there is no need to hook OpenID into Friend Connect. It already is. It is also part of MySpaceID already and I bet a few dollars it will be part of Facebook Connect by the end of the year as well.

    You’re right, users don’t have to know about OpenID. What I meant in my comment above is, whatever they type into a login box or whatever happens when they hit a “sign in” button, they will be authenticated regardless if it’s an email address from a large provider, a social network profile url or an OpenID. They will be authenticated. Users don’t have to know about the discovery happening in the background. They will just be logged in. The technology will be OpenID (you’re Gmail is an OpenID already) but users won’t know.

    I guess we want the same. 🙂


  4. A couple clarifications.

    As you started going through all the “big brands”, we got right back into the Nascarification of signin forms.

    You think that AOL will just roll over and be like “well, we guess we’re not as cool as Google, so, it’s okay, we don’t need to be one of the default options.” No way! And that’s just one half of the problem… for competition to thrive in the identity provider space, there has to be room for a newcomer to enter the scene — and if all your options are already set, that’s a far too restricting situation.

    The other half of the problem is that if you train people to look for a certain brand when they sign in, you’ll never be able to take it away once they see it there. So — say Facebook fades in popularity someday — but people learned to sign in to sites using their Facebook accounts… you’ll never be able to remove their logo regardless of how popular they are because people will have come to depend on it being there.

    My proposed solution took these two issues into consideration — purposefully showing the OpenID icon (which doesn’t mean anything to people TODAY — but someday could) coupled with an action (Todd suggested the word “ENTER”, but I’m not sold on that). I think that if we can brand the idea of signing in with an account from someplace else with the OpenID icon, we abate much of the problems with the Nascar approach.

    I would also suggest that you consider which brands to show in international contexts — where the distribution of traffic is much different than the western world. i.e. which OpenID providers should be shown in Japan?


  5. Chris,

    Thanks for commenting, as I am not an identity expert and was just throwing an idea out there. AOL was my biggest concern when I thought about this as well. I like the idea of “branding” OpenID, that way people know it is “the” way to login. My concern is the complexity required for that, and how do we build that brand. That is the main reason I went after 3 big known brands. I limited it to 3 because that is the max number of choices that would likely fit well on a form, and it is not a lot of choices.

    I conveniently ignored international mainly because the 3 brands do have international traffic. This was also just an idea, so maybe there would be a better international brand to use.

    In any case, I do hope you can be successful with OpenID. We definitely need something.


Comments are closed.