No subject


Tue Apr 24 11:52:11 UTC 2007


register an account by creating a username/password or
username/captiveOpenID controlled by the site and then let the user
attach/associate OpenIDs to those accounts. The other question here is
whether one OpenID can only be attached to a single site account or whether
the user should be allowed to use the same OpenID for multiple site
accounts. The latter seems more flexible and user-friendly.

What do you think of the above and what are sites doing today with respect
to OpenID and local auth methods?

John

-- 
John Wang
http://www.dev411.com/blog/

------=_Part_186609_9445027.1184127698771
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

For a site that does not have sensitive information but does have an online identity aspect where there will be a lot of information associated with user's online identity on the site over time, does it make sense to have OpenID users also create a local username/password?
<br><br>I think it makes some sense to have a username since a user can have multiple OpenIDs associated with one online identity. Additionally a username will be more user-friendly to see on various pages. The username is associated with a unique online identity for the site while the OpenID is just an authentication method.
<br><br>As for a local password, it seems to make for a better user experience to have a fallback incase the user&#39;s OpenID OP auth server becomes unavailable for whatever reason. This way the user can use OpenID when they want but if it ever becomes unavailable, they still have access to their online identity. From a community site perspective, it seems to make sense to give the user a fallback auth mechanism controller by the site instead of forcing the user to rectify the situation with their OP in case there&#39;s an issue there.
<br><br>From the above, I&#39;m thinking that it would make sense to have the user register an account by creating a username/password or username/captiveOpenID controlled by the site and then let the user attach/associate OpenIDs to those accounts. The other question here is whether one OpenID can only be attached to a single site account or whether the user should be allowed to use the same OpenID for multiple site accounts. The latter seems more flexible and user-friendly.
<br clear="all"><br>What do you think of the above and what are sites doing today with respect to OpenID and local auth methods?<br><br>John<br><br>-- <br>John Wang<br><a href="http://www.dev411.com/blog/">http://www.dev411.com/blog/
</a>

------=_Part_186609_9445027.1184127698771--


More information about the general mailing list