MySpace OpenID Popup spotted in the wild
Evert | Rooftop
evert at rooftopsolutions.nl
Fri May 1 18:11:31 UTC 2009
On 1-May-09, at 1:35 PM, Johannes Ernst wrote:
> If we could get the browser developers to add anything we wanted to
> their browsers, what *exactly* would we want them to implement?
>
> This is not outlandish. The Mozilla folks asked repeatedly in the
> past (and we never knew what to say in response) and the security of
> a billion OpenIDs is not a set of user requirements that's easily
> dismissed either.
>
> It appears that it would be some kind of user interface element
> (think "popup" for a minute) that could display the OP's
> authentication ceremony. But where the browser would somehow
> "certify" that it was not a phishing attempt and came from one of
> the user's trusted OPs. In a way that is better than having the user
> to do a string compare on the URL shown in the address bar.
>
> What would such a user interface element look like? That's not
> limited to what we can do without cooperation from the browser guys.
>
> In Firefox, it could be sitting in the side bar for example. (where
> the bookmarks are) Or ...?
My $0.02.
We recently allowed openid logins to our application, most people
don't care about it because their browser already had their username +
password stored.
I want the browser to recognize openid on a page, and pre-fill it with
my default openid account information.
Furthermore, a browser could indicate a site has enabled openid,
through an icon in the addressbar, much like rss.
I personally don't know anyone who actively uses sidebars, especially
with the 'awesomebar', every operation goes into the addressbar.
I think openid id could use a slightly more 'in your face'-type thing,
not a sidebar, well-hidden in some submenu.
Evert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2433 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-user-experience/attachments/20090501/f1c96592/attachment-0002.bin>
More information about the user-experience
mailing list