[OpenID] Yahoo OpenID UX Study

Allen Tom atom at yahoo-inc.com
Fri Oct 10 03:34:49 UTC 2008 

Hi All,

I'm happy to announce that Yahoo is releasing the results of a usability 
study that we did for OpenID. The test subjects were several experienced 
Yahoo users (who are representative of our mainstream audience) who were 
observed as they tried to sign into a product review site using the 
Yahoo OpenID service.

A link to the PDF of the study is here:
http://developer.yahoo.com/openid/bestpractices.html

First, the good news. After the users completed their tests, we 
explained OpenID to them, and they all recognized the value of being 
able to easily sign into a new site without having to create a new ID 
and password. They also appreciated the potential of using their Yahoo 
OpenIDs to automatically verify their Yahoo email address without having 
to do manual email verification.

Now the bad news. None of the users had heard of OpenID before, and none 
of them even noticed the OpenID sign-in box which was displayed below 
the traditional email/password login form on the site. In many cases, 
the test subjects entered their Yahoo email address and Yahoo password 
to try to login. (We had told the test subjects that they could sign 
into the site using their Yahoo account without having to register). 
(See Page 5 of the study)

Eventually, we coached the test subjects to use the site's OpenID ID 
Selector, and they still had some problems with selector's Yahoo 
option.  In most cases, the users were confused by the 
"http://yahoo.com" that was autofilled in the OpenID sign in box, and 
were still looking for a form to enter their YahooID and password. (See 
pages 7 and 8)

After a bit more coaching, the users managed to get to the Yahoo OP, 
where a lot of them got lost. First time Yahoo OpenID users must 
navigate through a few screens, where they have to solve a CAPTCHA, 
agree to a TOS, and also are given opportunities to learn more about 
OpenID, setup a custom OpenID identifier, setup an anti-phishing Sign-in 
Seal for their Yahoo Login screen, or to see a directory of OpenID RPs. 
In many cases, users were overwhelmed by all these options, and failed 
to return to the RP because they were sidetracked. (See pages 10-14 of 
the study)

Finally, after a little more coaching, the test subjects finally 
returned back to the product review site, where they were presented with 
a registration form to setup a profile. Obviously, it would have been 
more satisfying if the user was able to directly go to the intended 
destination. (see page 15)

As a follow up, we asked the test subjects to pretend that some time had 
passed and that they were to revisit the site and to sign in again. In 
many cases, they tried to sign in by typing in their Yahoo email address 
and password into the Login form. (see  page 17)

Observing these tests was more than a bit frustrating for the Yahoo 
OpenID team, and the test subjects may have been distracted by the 
sounds of the groans and headpounding coming from the other side of the 
one way mirror. Certainly there is a lot of work to be done on the 
OpenID UX front.

On the Yahoo side of things, we streamlined our OP last week, and 
removed as much as we could. We removed the CAPTCHA and slimmed down the 
OP to just a single screen, and focused the UI to get the user back to 
the RP. We expect that RPs will enjoy a much higher success rate for 
users signing in with their Yahoo OpenID.

On the RP side of things, our recommendation is that they emphasize to 
users that they can sign in with an existing account, specifically their 
YahooID.  We believe that the YahooID, as well has IDs from other 
providers, have a higher brand awareness than OpenID. We also believe 
that first time users signing in with an OpenID should be able to go 
directly to their intended destination after signing in, instead of 
having to complete additional registration. Hopefully, as 
SimpleReg/AttributeExchange are more widely supported (Yahoo does not 
currently support them), RPs will no longer feel the need to force the 
user through an additional registration form after signing in with an 
OpenID.

I'll be happy to discuss the findings of our first UX study, as well as 
suggestions for improving the entire end-to-end OpenID UX.

Allen

More information about the general mailing list