[OpenID] OpenID User Interface Working Group
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Mon Mar 23 01:08:21 UTC 2009
On 03/23/2009 02:53 AM, Allen Tom:
> Eddy Nigg (StartCom Ltd.) wrote:
>>
>> Your assumptions that users will notice the difference between a
>> window with and without address bar are basically wrong. A small
>> research would tell you that most users will enter their details anyway.
>>
> Does the popup make things worse for users who don't pay attention to
> the address bar or to any visual indicators?
Most likely it makes it even more difficult and a bit more likely that
they won't pay attention. Some study and research would be in place
perhaps (proposal for the WG?)
>> Which leads us again to the issue of user/pass pairs and their
>> usefulness
> OpenID does not specify how the user authenticates with their OP, so
> OPs are free to deploy authentication methods other than passwords.
Sure. We know that (for the better and worse) :-)
> As far as I can tell, all phishing sites currently use a full browser
> window, so I'm not sure how the full browser window is more resistant
> to phishing compared to a popup.
>
Neither am I...it's a wild guess I'm having. I suggest to find out about
it in the WG through a proper study. It even could benefit OpenID at
large if the research would be a bit extended...
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090323/2fe63027/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6724 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090323/2fe63027/attachment-0002.bin>
More information about the general
mailing list