OpenID UX Summit - Lessons Learned from RPX

•

2 gefällt mir•734 views

guest8f42667

Brian Ellin's talk on patterns that work in 3rd party authentication.

Technologie Business

OpenID in 2010
Relying Party UX Overview and Lessons Learned

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
1

What is OpenID?
Authentication & proﬁle import for easily
moving around the web

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
2

The OpenID Opportunity
Rethink registration and sign-in as it exists today.

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
3

Quick Engagement!
1. No new password at every site
2. No re-entering proﬁle everywhere
3. No verify-email dance
4. Lower mental investment!

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
4

Take a step back
Don’t just bolt OpenID onto your existing registration
system as a password replacement. Treat it equally.

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
5

Simplify
1. Simplify Login/Register ﬂow
2. Avoid lengthy registration forms
3. Engage quickly, ask for data as needed

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
6

Users are getting it...
but the interface is key.

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
7

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
8

Button Driven Sign-in

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
9

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
10

blink182.com

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
11

3rd Party vs Email+Password
60% choose 3rd party on blink182.com

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
12

tigweb.org example

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
13

Interface is below the fold...
!"#$%"&

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
14

tigweb.org - improved registration page
!"#$%

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
15

NASCAR Style
Favicons can mean
other things
Share This, Follow, Become a Fan etc.

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
16

Best accompanied with a
clear message of beneﬁt

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
17

89% chose a 3rd party
instead of clicking login/signup

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
18

Combine Login & Register
For a single, simple experience.

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
19

Single entry point into system

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
20

Return experience is key
when offering many choices

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
21

Use immediate mode
when you can.
Sign-in without redirecting or opening a popup.

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
22

Avoid the full browser
redirect by using a
small popup window

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
23

openid.ui.mode=popup

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
24

Mobile Considerations
Don’t use a popup for iPhone and Android browsers.

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
25

Mobile + OpenID is great!
1. Typing on a phone is hard
2. No new password at every site
3. No re-entering proﬁle data each site
4. Less mental investment!

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
26

Proﬁle Data
Data transport on top of OpenID via AX/Sreg

email, ﬁrst name, last name, country,
language, proﬁle pic url, nickname,
gender, date of birth, postcode

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
27

Veriﬁed Email
Many providers issue an email address that they have
already veriﬁed. You don’t have to verify it again.

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
28

OAuth Hybrid
Piggybacking OAuth on top of OpenID for access to
Contacts, Social, and other rich APIs....

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
29

NASCAR Alternatives
brianellin@gmail.com
brian@janrain.com
bcellin@yahoo.com
brianellin@hotmail.com
me@brianellin.com

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
30

Who is your audience?
Build an interface and integrate with appropriate
providers.

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
31

A few years out
1. Only managing passwords at provider sites
2. Using a password at a non provider site will
be a foreign concept

OpenID UX Summit 2010
Brian Ellin / brian@janrain.com
32

Empfohlen

When Everyone Is A Designer: Practical Techniques for Ethical Design in the D...Joe Lamantia

Frameworks Are The Future of DesignJoe Lamantia

Lessons learned on Corporate Social Networks [intra.NET Reloaded 2012]Zyncro

Slot del emprendedor IDC Cloud barcelonaZyncro

Effective IA For Portals: The Building Blocks FrameworkJoe Lamantia

Designing Frameworks For Interaction and User Experience Joe Lamantia

Slot del Emprendedor Ana Fernández IDC Cloud 2013 Zyncro

Social Media in Egypt IOETI Conference 2011Fady Ramzy

Empfohlen

When Everyone Is A Designer: Practical Techniques for Ethical Design in the D...Joe Lamantia

Frameworks Are The Future of DesignJoe Lamantia

Lessons learned on Corporate Social Networks [intra.NET Reloaded 2012]Zyncro

Slot del emprendedor IDC Cloud barcelonaZyncro

Effective IA For Portals: The Building Blocks FrameworkJoe Lamantia

Designing Frameworks For Interaction and User Experience Joe Lamantia

Slot del Emprendedor Ana Fernández IDC Cloud 2013 Zyncro

Social Media in Egypt IOETI Conference 2011Fady Ramzy

Social Networking Security WorkshopPrathan Phongthiproek

Leveraging Social Media to Increase Brand Awareness and Drive Leadsncarrier

Intranet 2.0 ToolsPrescient Digital Media

O365 gets serious about AIHarsh Mishra

Fitocracy ny apps march 2013 talkfitocracy

Portfoliomomiji chen

VDMA Social Web PräsentationMartin Koser

Mobile LBS Summit 2010, WiesbadenJackson Bond

All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough

Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica

[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra

So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda

Accelerating Enterprise Software Engineering with PlatformlessWSO2

Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh

Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood

Connecting the Dots for Information Discovery.pdfNeo4j

React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech

React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma

Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal

Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos

Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada

4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica

Weitere ähnliche Inhalte

Ähnlich wie OpenID UX Summit - Lessons Learned from RPX

Social Networking Security WorkshopPrathan Phongthiproek

Leveraging Social Media to Increase Brand Awareness and Drive Leadsncarrier

Intranet 2.0 ToolsPrescient Digital Media

O365 gets serious about AIHarsh Mishra

Fitocracy ny apps march 2013 talkfitocracy

Portfoliomomiji chen

VDMA Social Web PräsentationMartin Koser

Mobile LBS Summit 2010, WiesbadenJackson Bond

Ähnlich wie OpenID UX Summit - Lessons Learned from RPX (8)

Social Networking Security Workshop

Leveraging Social Media to Increase Brand Awareness and Drive Leads

Intranet 2.0 Tools

O365 gets serious about AI

Fitocracy ny apps march 2013 talk

Portfolio

VDMA Social Web Präsentation

Mobile LBS Summit 2010, Wiesbaden

Kürzlich hochgeladen

All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough

Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica

[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra

So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda

Accelerating Enterprise Software Engineering with PlatformlessWSO2

Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh

Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood

Connecting the Dots for Information Discovery.pdfNeo4j

React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech

React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma

Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal

Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos

Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada

4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica

Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes

Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA

QCon London: Mastering long-running processes in modern architecturesBernd Ruecker

JET Technology Labs White Paper for Virtualized Security and Encryption Techn...amber724300

Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein

A Glance At The Java Performance ToolboxAna-Maria Mihalceanu

Kürzlich hochgeladen (20)

All These Sophisticated Attacks, Can We Really Detect Them - PDF

Glenn Lazarus- Why Your Observability Strategy Needs Security Observability

[Webinar] SpiraTest - Setting New Standards in Quality Assurance

So einfach geht modernes Roaming fuer Notes und Nomad.pdf

Accelerating Enterprise Software Engineering with Platformless

Generative AI - Gitex v1Generative AI - Gitex v1.pptx

Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...

Connecting the Dots for Information Discovery.pdf

React Native vs Ionic - The Best Mobile App Framework

React JS; all concepts. Contains React Features, JSX, functional & Class comp...

Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...

Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)

Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...

4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector

Assure Ecommerce and Retail Operations Uptime with ThousandEyes

Long journey of Ruby standard library at RubyConf AU 2024

QCon London: Mastering long-running processes in modern architectures

JET Technology Labs White Paper for Virtualized Security and Encryption Techn...

Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24

A Glance At The Java Performance Toolbox

OpenID UX Summit - Lessons Learned from RPX

1. OpenID in 2010 Relying Party UX Overview and Lessons Learned OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 1

2. What is OpenID? Authentication & proﬁle import for easily moving around the web OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 2

3. The OpenID Opportunity Rethink registration and sign-in as it exists today. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 3

4. Quick Engagement! 1. No new password at every site 2. No re-entering proﬁle everywhere 3. No verify-email dance 4. Lower mental investment! OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 4

5. Take a step back Don’t just bolt OpenID onto your existing registration system as a password replacement. Treat it equally. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 5

6. Simplify 1. Simplify Login/Register ﬂow 2. Avoid lengthy registration forms 3. Engage quickly, ask for data as needed OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 6

7. Users are getting it... but the interface is key. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 7

8. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 8

9. Button Driven Sign-in OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 9

10. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 10

11. blink182.com OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 11

12. 3rd Party vs Email+Password 60% choose 3rd party on blink182.com OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 12

13. tigweb.org example OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 13

14. Interface is below the fold... !"#$%"& OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 14

15. tigweb.org - improved registration page !"#$% OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 15

16. NASCAR Style Favicons can mean other things Share This, Follow, Become a Fan etc. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 16

17. Best accompanied with a clear message of beneﬁt OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 17

18. 89% chose a 3rd party instead of clicking login/signup OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 18

19. Combine Login & Register For a single, simple experience. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 19

20. Single entry point into system OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 20

21. Return experience is key when offering many choices OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 21

22. Use immediate mode when you can. Sign-in without redirecting or opening a popup. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 22

23. Avoid the full browser redirect by using a small popup window OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 23

24. openid.ui.mode=popup OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 24

25. Mobile Considerations Don’t use a popup for iPhone and Android browsers. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 25

26. Mobile + OpenID is great! 1. Typing on a phone is hard 2. No new password at every site 3. No re-entering proﬁle data each site 4. Less mental investment! OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 26

27. Profile Data Data transport on top of OpenID via AX/Sreg email, first name, last name, country, language, profile pic url, nickname, gender, date of birth, postcode OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 27

28. Veriﬁed Email Many providers issue an email address that they have already veriﬁed. You don’t have to verify it again. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 28

29. OAuth Hybrid Piggybacking OAuth on top of OpenID for access to Contacts, Social, and other rich APIs.... OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 29

30. NASCAR Alternatives brianellin@gmail.com brian@janrain.com bcellin@yahoo.com brianellin@hotmail.com me@brianellin.com OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 30

31. Who is your audience? Build an interface and integrate with appropriate providers. OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 31

32. A few years out 1. Only managing passwords at provider sites 2. Using a password at a non provider site will be a foreign concept OpenID UX Summit 2010 Brian Ellin / brian@janrain.com 32