[OpenID] OpenID SREG best practice question
Breno de Medeiros
breno at google.com
Wed Nov 12 23:23:12 UTC 2008
On Wed, Nov 12, 2008 at 3:10 PM, Eric Norman <ejnorman at doit.wisc.edu> wrote:
>
> On Nov 12, 2008, at 4:49 PM, Breno de Medeiros wrote:
>
>> On Wed, Nov 12, 2008 at 2:42 PM, Eric Norman <ejnorman at doit.wisc.edu>
>> wrote:
>>>
>>> On Nov 12, 2008, at 3:34 PM, Dick Hardt wrote:
>>>
>>>> Many UX's have a box that allows the user to say they don't want to
>>>> be
>>>> asked about something again.
>>>
>>> Indeed, I've seen lots of those.
>>>
>>> Which brings us back to the earlier question about users
>>> having an opportunity to change their mind. Anyone want to
>>> comment on that?
>>
>> Google users can change their minds by visiting the "My Account" link
>> in the Google home page, re-entering their password, and examining
>> their list of approved sites (same location for OAuth/AuthSub
>> delegations as well). Explanations about how to revoke access are
>> available from links in the approval page.
>
> OK.
>
> So would Google support usability studies that try to
> find out if this procedure is more or less usable that
> asking users to indicate approval during every transaction?
Eric (Sachs) would be a better person to answer this question. I think
there are conflated issues here: (1) if users want to have the option
to opt-in to auto-approve these requests (I would guess that the
answer to that is 'yes') and (2) the issue of how to make it easy for
users to manage these choices if they later change their minds.
Currently the page where they would go to change their mind is the
same they would go to change their password.
>
> Eric Norman
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
--
--Breno
+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)
More information about the general
mailing list