1. You'd certainly have to choose the right sources for SSO. I'd say people usually trust their Google account, so that's a good start (and Google does payments, so they make sure to keep it tight). Then go from there, I'm sure other dominant platforms have similar offerings.
2. You can provide an alternative set of credentials. HN is an excellent example. You can log in via id+password, OpenID or clickpass.
3. I will resist signing on until I know you (your application) better. It is more effective to get my attention first (with something like a limited intro, showing what's it about) and once I get hooked, present the payment options. Putting up a pay wall before showing anything is putting me off. Start with light authentication and then add to it once money enters the game.
ps. Requiring users to create new credentials also results in the "one password for everything" phenomenon that's so prevalent. I very much doubt that that will increase security. I'm more inclined to believe that it will do the opposite, as your service will most likely get the less secure/shared password from the get go (remember, you customers don't know how much they will value you later on).
1. You'd certainly have to choose the right sources for SSO. I'd say people usually trust their Google account, so that's a good start (and Google does payments, so they make sure to keep it tight). Then go from there, I'm sure other dominant platforms have similar offerings.
2. You can provide an alternative set of credentials. HN is an excellent example. You can log in via id+password, OpenID or clickpass.
3. I will resist signing on until I know you (your application) better. It is more effective to get my attention first (with something like a limited intro, showing what's it about) and once I get hooked, present the payment options. Putting up a pay wall before showing anything is putting me off. Start with light authentication and then add to it once money enters the game.
ps. Requiring users to create new credentials also results in the "one password for everything" phenomenon that's so prevalent. I very much doubt that that will increase security. I'm more inclined to believe that it will do the opposite, as your service will most likely get the less secure/shared password from the get go (remember, you customers don't know how much they will value you later on).