No subject


Tue Apr 24 11:52:11 UTC 2007 

register an account by creating a username/password or
username/captiveOpenID controlled by the site and then let the user
attach/associate OpenIDs to those accounts. The other question here is
whether one OpenID can only be attached to a single site account or =
whether
the user should be allowed to use the same OpenID for multiple site
accounts. The latter seems more flexible and user-friendly.

What do you think of the above and what are sites doing today with =
respect
to OpenID and local auth methods?

John

--=20
John Wang
http://www.dev411.com/blog/

------_=_NextPart_001_01C7C3E9.E210FD33
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE>RE: [OpenID] OpenID Registration Scenario</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->

<P><FONT SIZE=3D2>Hey John,<BR>
I think some sort of local display name is certainly desired in many =
cases.&nbsp; It should however be easy to then find their OpenID =
identifier from their profile page for example.<BR>
<BR>
As to a local password, I would instead just use email as an account =
retrieval mechanism if needed.<BR>
<BR>
--David<BR>
<BR>
<BR>
&nbsp;-----Original Message-----<BR>
From: &nbsp; John Wang [<A =
HREF=3D"mailto:jwanggroups at gmail.com">mailto:jwanggroups at gmail.com</A>]<B=
R>
Sent:&nbsp;&nbsp; Tuesday, July 10, 2007 09:21 PM Pacific Standard =
Time<BR>
To:&nbsp;&nbsp;&nbsp;&nbsp; OpenID - General<BR>
Subject:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [OpenID] OpenID =
Registration Scenario<BR>
<BR>
For a site that does not have sensitive information but does have an =
online<BR>
identity aspect where there will be a lot of information associated =
with<BR>
user's online identity on the site over time, does it make sense to =
have<BR>
OpenID users also create a local username/password?<BR>
<BR>
I think it makes some sense to have a username since a user can have<BR>
multiple OpenIDs associated with one online identity. Additionally a<BR>
username will be more user-friendly to see on various pages. The =
username is<BR>
associated with a unique online identity for the site while the OpenID =
is<BR>
just an authentication method.<BR>
<BR>
As for a local password, it seems to make for a better user experience =
to<BR>
have a fallback incase the user's OpenID OP auth server becomes =
unavailable<BR>
for whatever reason. This way the user can use OpenID when they want but =
if<BR>
it ever becomes unavailable, they still have access to their online<BR>
identity. From a community site perspective, it seems to make sense to =
give<BR>
the user a fallback auth mechanism controller by the site instead of =
forcing<BR>
the user to rectify the situation with their OP in case there's an =
issue<BR>
there.<BR>
<BR>

More information about the general mailing list