[OpenID] Combining Google & Yahoo user experience research

Nate Klingenstein ndk at internet2.edu
Tue Oct 14 19:43:50 UTC 2008 

> Well that's another data point on the usability of our login UI :-)

Glad to help...

> But seriously, go to www.google.com/a (note the /a) at the end.   
> Then in the top right, click "Returning user, sign in here."   
> User's then enter their domain name, and pick a destination page.

Aha, you're right -- cleverly hidden. :D  Not only that, but I  
actually have a domain with email hosted by Google, and tried this  
out with the start page.  I got a 404 -- The requested URL /itumi.biz? 
textfield=itumi.biz&select=http%3A%2F%2Fpartnerpage.google.com%2F was  
not found on this server.  Oh well.

> That UI is live, and as you found yourself, it is hard to use.   
> What we have found in practice is that user's have to start at  
> their IDP's website, and click a link that takes them to our site  
> with a URL parameter that indicates the domain of the IDP.

That resonates as a very good solution in our experience.  We call it  
the portal/IdP-first use case.  However, when a user wants to go  
somewhere, they often go to Google, type it in, and go directly  
there.  That means we need to handle SP-first use cases too, and  
they're much more common.

> We have another live example you can look at.  Try this URL:
>   http://sites.google.com/a/alertblue.com/testui/
> That URL is for a webpage created by an enterprise whose email  
> Google hosts on our AppsForYourDomain offering.  But the owner of  
> that site has allowed some people outside their enterprise to  
> access this webpage.  So when a user visits that webpage, they  
> might be one of three types of users:
>  - An employee of that enterprise
>  - An employee of a different enterprise that uses  
> AppsForYourDomain (and which might run its own IDP that  
> authenticates users to Google via SAML)
>  - A consumer user with a regular Google Account that the user  
> established manually
> We are experimenting with different login UIs for this page, so you  
> might see different versions.

We've tried that style too, and I personally like it a lot.  Some  
campuses don't, though, because they view the potential for users  
blindly entering their username/password anyway as too high.  I do  
see their point.  It's led to a general philosophy that users should  
be made to select their home before they're ever presented a pair of  
text boxes.  I hope we can get beyond that philosophy someday.

We'd love to see what other cool ideas you guys can come up with.   
You're pretty good at UX.  To put it mildly, we're not.
Nate.

More information about the general mailing list