[OpenID] Feedback requested: New OpenID RP login UX prototype

[Andrew Arnott]

Thanks, Ashish.  Inline...
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre


On Fri, Oct 23, 2009 at 11:09 AM, Ashish Jain <email at ashishjain.com> wrote:

> Great work. Couple of comments
> - The green flag appearance/disappearance seems a bit shaky.
>

There *may* be javascript bugs to blame for some of this, but I think I've
shaken all those out.  The green flag only appears if the OP responds
affirmatively to checkid_immediate, which Yahoo won't do, and other OPs do
with a greater or lesser dependability.  All the green flag does is suggest
to the user that this login will be super-quick, since the authentication
has already been done. So if it's absent, it's not really a big deal.  Do
you think users will be concerned by this?

- Does it make sense to only show the logo of the OP that I chose last time
> (with the option of switching of course)? Other than the experimentation
> mode, we don't expect users to keep switching on a frequent basis...do we?
>

Your assumption of users keeping with the same OP for the majority case
makes sense to me as well.  To display *only* the OP they logged in with as
you describe is similar to the RPX model, which is good.  I have a theory
though, that users like consistent UI across visits.  If they visit a site
for the first time, and therefore see all the OP buttons, and the second
time they visit they see something different, it throws a wrench in the
works that we hope they'll overcome instead of get confused and leave.  So
I'm experimenting with leaving the UI mostly the same -- just graying out
the choices that we think are not the right choices for the user to see how
that works.  But you might be right -- this may be the wrong approach.


> - The mixing of protocol/framework logos (e.g. OpenID, Purple-i) with the
> OP logos might be a bit confusing.
>

Can you elaborate?  I'm not sure what you're talking about here.


> - You will eventually hit the issue of many OPs with limited screen space.
> Would it make sense to have the text box accept OP names (e.g Google) with
> Facebook style auto-completion.
>

Perhaps, but my requirements for admission into this list of OP buttons is
pretty stringent, and at the moment only Google and Yahoo really qualify.  I
really intend to avoid the NASCAR problem here by *not* throwing every OP
with more than 10,000 users at them as buttons.  You can read more about
that in my design doc.  Of course, once this "prototype" is finished, RPs
are free to throw as many buttons on there as they want.  But that's up to
them, and the kit will ship with a suggested guidelines doc so they know
what the trade-offs are.

Your suggestion about an auto-completion in the text box is very
interesting.  We'd have to do more to the UI surrounding the box to help
users know that it's available.


> Thanks,
> -Ashish
>
>
> On Fri, Oct 23, 2009 at 4:53 AM, Paul Madsen <paulmadsen at rogers.com>wrote:
>
>>  Andrew, some random feedback
>>
>> 1) I used Google the first time. The next time I saw "If you have logged
>> in previously, click the same button you did last time. "
>>
>> But what if I want to use a different OP? I know nothing is stopping me
>> but the above feels too much like a directive
>>
>> Perhaps 'You may use the same ...'
>>
>> Also, although the Google icon had a little green flag on it, there was no
>> text alerting the user to the significance
>>
>> 2) When I used Yahoo, their page doesnt fit in the pop-up
>>
>> Yahoo warned me about the bona fides of the RP (yes I know its not under
>> your control but its disconcerting nonetheless)
>>
>> 3) After successfully getting in with Yahoo, I saw the green check on both
>> Yahoo & Google icons. But when I logged out and came back the check had
>> disappeared from Yahoo.
>>
>> This didnt happen for myOpenID & Verisign, ie their green checks do light
>> up along with Google's to record past successful use
>>
>> 4) I see the install plugins prompt on FF on Vista. The auto install didnt
>> work
>>
>> 5) I get a browser warning about 'unencrypted connection' only with Yahoo
>> - on the redirect from the OP back to RP
>>
>> 6) When I tried to use a blogspot OpenID, (http://connectid.blogspot.com/)
>> the RP validation script refuses to recognize it ('No OP Endpoint found'.
>>
>> Separately, the above error message could be less cryptic
>>
>> Regards
>>
>> Paul
>>
>> Andrew Arnott wrote:
>>
>>  OpenID RP login UX
>>
>> Live demo location: http://openidux.dotnetopenauth.net/
>> Design considerations
>>
>> The DNOA<http://docs.google.com/Doc?docid=0AXB25E7fZcQCZGY1bm40ampfMTkxaHJ2emZya3M&hl=en> login
>> UX design document<http://docs.google.com/Doc?docid=0AXB25E7fZcQCZGY1bm40ampfMTkxaHJ2emZya3M&hl=en> contains
>> the design spec, and some of the reasoning that went into that design.
>>
>> One high-level goal of all this work is to produce a set of HTML, CSS, and
>> JS files that can work on any web platform, so that ruby, python, php,
>> coldfusion, and (of course) ASP.NET <http://asp.net/> RP web sites can
>> benefit from a better UI for logging users in.
>> Interesting scenarios to experiment with and/or test
>>
>>    - Login by clicking on Members Only. This invokes the full page
>>    redirect login UI.
>>    - Login by clicking Login in the upper-right corner of the page. This
>>    invokes the popup dialog UI.
>>    - Visit the account management page and add additional
>>    OpenIDs or InfoCards to your account so you can log in with multiple
>>    identities yet be recognized as holding just one account.
>>    - Login multiple times, using various OPs. Notice first that we
>>    highlight the button you chose the prior time. This helps the user not
>>    splinter his identity on a return visit in the event he has accounts with
>>    more than one displayed OP.
>>    - Notice that in the login UI some OPs support checkid_immediate, and
>>    on a return visit, a green checkmark appears in the lower-right corner of
>>    an OP button when an immediate login is available. If a green checkmark is
>>    not visible on an OP button, a popup window will be used to guide the user
>>    through the initial login process. Some OPs (such as Verisign and Yahoo) do
>>    not support checkid_immediate, and will never display green checkmarks.
>>    - When logging in, try using the OpenID button. Notice that as soon as
>>    you finish typing that discovery on that identifier begins and a login
>>    button appears within the text box. Next time you visit, the UX will
>>    remember what identifier you typed in and help you log in again.
>>    - Try using the OpenID button with an identifier that delegates to
>>    multiple OPs. Notice how the Login button that appears to help you go
>>    through checkid_setup (if no checkid_immediate requests come back positive)
>>    is a split button, allowing you to actually pick which OP to log in with,
>>    and these OPs are in priority order (adjusted for OPs that are down or
>>    misbehaving, which are moved to the bottom).
>>
>> Special release notes
>>
>> In this iteration, I've elected to go with the popup dialog approach to
>> displaying the login UI rather than a popup browser window. This is still
>> alterable, and your feedback and/or preferences on this decision is most
>> welcome.
>>
>> The current set of OP buttons displayed include 4 OPs: Google, Yahoo,
>> Verisign and MyOpenID. The last two of these do not fit the
>> qualifications given in the design document, but they are included here to
>> assist in the feedback process, and because I don't know how to make four
>> buttons (Google, Yahoo, OpenID and InfoCard) look good, so I jumped up from
>> three to six.
>>
>> In the OpenID text box area, after authentication completes a green
>> checkmark is displayed, but sometimes no login button appears to complete
>> login. This is a UX issue I haven't figured out how to solve yet. But the
>> way to proceed with login is to click the original, large OpenID button
>> again.
>>
>> The browsers I've tested with are IE8, Chrome 3, FireFox 3.5 and Safari 4.
>> If you test with other/older browsers, please leave feedback about how your
>> experience was. But currently I'm not targeting older browsers, so any bug
>> reports regarding backward compatibility may not be fixed.
>> How to leave feedback
>>
>> Just reply to this message.
>> --
>> Andrew Arnott
>> "I [may] not agree with what you have to say, but I'll defend to the death
>> your right to say it." - S. G. Tallentyre
>>
>> ------------------------------
>>
>> _______________________________________________
>> general mailing listgeneral at lists.openid.nethttp://lists.openid.net/mailman/listinfo/openid-general
>>
>>
>> _______________________________________________
>> general mailing list
>> general at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-general
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20091023/1111bea7/attachment.htm>