Something that lets me use my email address as my ID.
I can remember my email address. I can't even remember which openID provider I used to sign up for StackOverflow, let alone how they expect me to form the URL that I use for my login.
So once a month, when my cookie expires, I get to perform a forgot-password-like action, where I dig through my email to find my username, then try several combinations of it and claimid.net (or was it .org) until it lets me in. But I'm not in. I still have to type in my username and password and, click OK, then click OK on a second screen.
That's on the order of 10 more steps than it takes me to type in my email address and password. I remember my email. And I can type it in 400 milliseconds.
The thing that replaces OpenID needs to understand that.
That's not the suggestion I give to non-technical users, that's the suggestion that I give to you that took the time to learn what OpenId is but complains about it.
What I tell website developers is to add a login with Google, Yahoo, ... + OpenId (Google and Yahoo are openId providers) and each will redirect users to the correct OpenId endpoint (the one from yahoo, the one from google or your own).
And I don't say anything to non-technical users. They will see a "login with Yahoo" or "login with Facebook" or "login with Gmail" and they won't even ask me questions about OpenID. The ones that know what OpenId is and have their own custom URL will use it. Others will use the endpoints provided by Yahoo or Google and won't know what OpenID is and they don't need to.
Have you done any testing to see how many users you lose by doing this? There is, after all, a percentage of your users who will see your "login with Yahoo" message and not understand what you mean, then leave when they can't find a way to register.
You seem to think that number would be low. Experience with users & registration leads me to believe that it will be quite high. I personally don't plan to implement openID, so I can't do any testing. I'd be curious to see what your numbers say.
Something that doesn't require you to be a techie to understand. OpenID is a bit advanced for many users.
FB Connect actually does a pretty good job at being "easy to use". Just log into your FB account and you are set. I know it's not fair, but most people havn't posted anything to that openid website.
Google or Yahoo logins would work, since there's a recognizable brand name and there's a good chance that the user has an account on those sites.
>FB Connect actually does a pretty good job at being "easy to use". Just log into your FB account and you are set.
The only time I used OpenID, it was for StackOverflow. The workflow was exactly as you describe for Facebook Connect, except substituting Gmail for Facebook. I really don't see where there's room to be tripped up, unless you can't handle the idea that you can log in using accounts from multiple places.
That's not an issue with OpenID. That's an issue with the decision to not use OpenID exclusively and applies to every authentication service on the list in that screenshot, by virtue of that list being a list.
I can remember my email address. I can't even remember which openID provider I used to sign up for StackOverflow, let alone how they expect me to form the URL that I use for my login.
So once a month, when my cookie expires, I get to perform a forgot-password-like action, where I dig through my email to find my username, then try several combinations of it and claimid.net (or was it .org) until it lets me in. But I'm not in. I still have to type in my username and password and, click OK, then click OK on a second screen.
That's on the order of 10 more steps than it takes me to type in my email address and password. I remember my email. And I can type it in 400 milliseconds.
The thing that replaces OpenID needs to understand that.