openid ux summit - lessons learned from rpx
DESCRIPTION
Brian Ellin's talk on patterns that work in 3rd party authentication.TRANSCRIPT
![Page 1: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/1.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
OpenID in 2010Relying Party UX Overview and Lessons Learned
1
![Page 2: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/2.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
What is OpenID?Authentication & profile import for easily
moving around the web
2
![Page 3: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/3.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
The OpenID OpportunityRethink registration and sign-in as it exists today.
3
![Page 4: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/4.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Quick Engagement!
1. No new password at every site
2. No re-entering profile everywhere
3. No verify-email dance
4. Lower mental investment!
4
![Page 5: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/5.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Take a step backDon’t just bolt OpenID onto your existing registration
system as a password replacement. Treat it equally.
5
![Page 6: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/6.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Simplify
1. Simplify Login/Register flow
2. Avoid lengthy registration forms
3. Engage quickly, ask for data as needed
6
![Page 7: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/7.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Users are getting it...but the interface is key.
7
![Page 12: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/12.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
3rd Party vs Email+Password60% choose 3rd party on blink182.com
12
![Page 15: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/15.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
!"#$%tigweb.org - improved registration page
15
![Page 16: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/16.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
NASCAR Style Favicons can mean
other thingsShare This, Follow, Become a Fan etc.
16
![Page 17: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/17.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Best accompanied with a clear message of benefit
17
![Page 18: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/18.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
89% chose a 3rd partyinstead of clicking login/signup
18
![Page 19: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/19.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Combine Login & RegisterFor a single, simple experience.
19
![Page 21: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/21.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Return experience is key when offering many choices
21
![Page 22: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/22.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Use immediate mode when you can.
Sign-in without redirecting or opening a popup.
22
![Page 23: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/23.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Avoid the full browser redirect by using a
small popup window
23
![Page 25: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/25.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Mobile ConsiderationsDon’t use a popup for iPhone and Android browsers.
25
![Page 26: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/26.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Mobile + OpenID is great!
1. Typing on a phone is hard
2. No new password at every site
3. No re-entering profile data each site
4. Less mental investment!
26
![Page 27: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/27.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Profile DataData transport on top of OpenID via AX/Sreg
email, first name, last name, country, language, profile pic url, nickname,
gender, date of birth, postcode
27
![Page 28: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/28.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Verified EmailMany providers issue an email address that they have
already verified. You don’t have to verify it again.
28
![Page 29: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/29.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
OAuth HybridPiggybacking OAuth on top of OpenID for access to
Contacts, Social, and other rich APIs....
29
![Page 30: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/30.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
NASCAR [email protected]@[email protected]
[email protected]@brianellin.com
30
![Page 31: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/31.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
Who is your audience?Build an interface and integrate with appropriate
providers.
31
![Page 32: OpenID UX Summit - Lessons Learned from RPX](https://reader033.vdocuments.site/reader033/viewer/2022051613/54c8c5734a79591c188b4569/html5/thumbnails/32.jpg)
OpenID UX Summit 2010
Brian Ellin / [email protected]
A few years out
1. Only managing passwords at provider sites
2. Using a password at a non provider site will be a foreign concept
32