[OpenID] New OpenID Customer Research Activity - Google research on federated login

[Scott Kveton]

> Let's be clear, sites are asking for the user's email address -- user's in
> general are not typing in email address to be their username.

Says who?  Based on the real-world usability studies I've seen as of
late and the Content Provider discussions, that statement is totally
wrong.

> The advantage to a site of an email address is it is guaranteed to be
> globally unique (user does not have to keep trying different usernames to
> find one that is available). It also doubles as a mechanism for the user to
> reset their password. Another big advantage is that it is much less likely
>  the user will forget their email address over a username specific to the
> site.

MySpace, Facebook, Amazon and others have trained users to use their
email address as an identifier to login.  I'd be willing to bet a huge
chunk of the Internet has accounts on all of those.

> Sxipper does this. Site does not even need to do anything. Works with
> existing password and profile forms. Click of a button and the user is
> logged in!

Now, if only the entire Internet was using Sxipper.  Oh wait ... :-)

Seriously though, that fails the test for not confusing the user ...
"we can give you a great experience, but first, go over to this site,
install Firefox, then install an extension and then restart your
browser ... and *then* OMG ... look how awesome it is!!"

> If this is all that OpenID is going to solve, then it is overkill.

OpenID has to solve those simple things *first* to get adoption.  From
there, it can do much more.  We have to crawl before we can walk.

- Scott