MySpace OpenID Popup spotted in the wild
Evert | Rooftop
evert at rooftopsolutions.nl
Fri May 1 18:11:31 UTC 2009
On 1-May-09, at 1:35 PM, Johannes Ernst wrote:
> If we could get the browser developers to add anything we wanted to
> their browsers, what *exactly* would we want them to implement?
> This is not outlandish. The Mozilla folks asked repeatedly in the
> past (and we never knew what to say in response) and the security of
> a billion OpenIDs is not a set of user requirements that's easily
> dismissed either.
> It appears that it would be some kind of user interface element
> (think "popup" for a minute) that could display the OP's
> authentication ceremony. But where the browser would somehow
> "certify" that it was not a phishing attempt and came from one of
> the user's trusted OPs. In a way that is better than having the user
> to do a string compare on the URL shown in the address bar.
> What would such a user interface element look like? That's not
> limited to what we can do without cooperation from the browser guys.
> In Firefox, it could be sitting in the side bar for example. (where
> the bookmarks are) Or ...?
We recently allowed openid logins to our application, most people
don't care about it because their browser already had their username +
I want the browser to recognize openid on a page, and pre-fill it with
my default openid account information.
Furthermore, a browser could indicate a site has enabled openid,
through an icon in the addressbar, much like rss.
I personally don't know anyone who actively uses sidebars, especially
with the 'awesomebar', every operation goes into the addressbar.
I think openid id could use a slightly more 'in your face'-type thing,
not a sidebar, well-hidden in some submenu.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2433 bytes
Desc: not available
More information about the user-experience