[OpenID] Do users understand the concept of login domains?

Eran Hammer-Lahav eran at hueniverse.com
Mon Dec 15 22:55:20 UTC 2008 

At the core of the OpenID usability challenge is the fact OpenID requires
two pieces of information:

* Local identifier (username)
* Authority (domain controller)

The most widely used example of this is Windows domains where almost every
single enterprise user in the world has been educated to enter their
username into a login box, and under the username a (usually cryptic) domain
name appears. They hardly even change it, nor do most understand what it is
for. Rarely do people sign into multiple domains (in separate sessions).

If people actually understood this concept, OpenID would be easy to deploy
(from a login box design point of view). You simply ask people for their
domain and their username with that domain.

An email identifier is just a syntax used to to encode these two values
together, separated with a '@' character. A unique URI entered either
directly maps to a domain (URI authority) and local identifier (usually path
but really everything else), or points to those values (using OpenID HTML
link elements or XRDS document). In other words, the URI format points to
where these two pieces of information are located.

What makes things more complex is that the identifier entered by the user
can also point to partial information (directed identity), omitting the
local identifier and keeping just the domain. This is often resolved by
giving the user a graphical interface that removes the need to enter a
directed identity URI.

But this doesn't change the fact that the user has no way of clearly
expressing what they are trying to do. If they had two input boxes, one for
username and another for domain, they could leave the username empty, hence
clearing stating their objectives.

And now comes by question and the subject of this post: do users understand
the concept (and implementations) of login domains? If a site presented a
Windows-like login dialog with place for username and input box (maybe with
a drop-down option) for domain name, would people know what to do with it?

EHL

More information about the general mailing list