Non-directed identity UX question
Allen Tom
atom at yahoo-inc.com
Fri Jan 15 02:19:24 UTC 2010
On 1/14/10 3:51 PM, "Breno de Medeiros" <breno at google.com> wrote:
>
> You mean that the RP didn't perform discovery? Or that the user
> mistyped a URL and it happened to be a valid OpenID URL for someone
> else?
>
The user mistyped their url, but the RP was still able to discover the OP.
For instance, the user might have typed in "me.yahoo.com/userid" even though
they had not configured a vanity URL for their yahoo account.
Another example is that the user didn't realize that Flickr OpenIDs start
with "www." and typed in "flickr.com/photos/username" when the correct
OpenID url is "www.flickr.com/photos/username"
At any rate, the RP did managed to discover the user's OP endpoint, so the
string wasn't too badly mangled.
>>
>> If the user initiated the login process by entering their email address,
>> then I think it would more likely that the string is correct, since the user
>> probably knows their email address and is able to type it correctly.
>
> I actually have doubts about that, because the email address space is
> so densely used.
>
Yeah - also I've been noticing lately that many sites ask the user to enter
their email address twice, to make sure that they didn't enter it
incorrectly.
More information about the user-experience
mailing list