Rethinking Web Logins With OpenID Connect
Even with all the support OpenID enjoys within the tech industry, it’s no secret that the identity management technology still confuses the hell out of most web users.
One of OpenID’s biggest proponents thinks part of the problem lies in the name.
Identity guru and noted open source advocate Chris Messina breaks it down in a post on his Factory City blog, where he lays out his ideas for making OpenID “both easier and sexier” for the general web audience.
Consider OpenID in the shadow of Facebook Connect, its far more successful competitor based on Facebook’s proprietary platform. Forget that Facebook is much more widely known than OpenID — the real problem is that Facebook Connect is attached to an actual thing you can log in to, a website you can visit, a company you’ve heard of.
OpenID, on the other hand, is more nebulous. Your identity… on the web… portable… everywhere… what?
Everyone knows what Facebook is, so add “Connect” to the familiar Facebook logo and most people can work out what’s probably going to happen — the site you’re using is going to connect to your Facebook account, and some information about you and your friends will be shared between the two.
OpenID lacks the brand recognition of Facebook, not just because of Facebook’s fame, but because Facebook is a website and OpenID is an abstraction.
Messina suggests adding “Connect” to OpenID so that it mirrors Facebook Connect, Twitter Connect and other sign-in systems might help. And Messina’s rebranding — the snazzy black button above — is certainly a step up from OpenID’s current logo and branding.
As for the “connect” aspect, Messina gives a layman’s definition of OpenID as “a technology that lets you use an account that you already have to sign up, sign in, and bring your profile, contacts, data, and activities with you to any compatible site on the web.”
In order to do that, however, Messina is proposing more than just a name change. He’s suggesting that OpenID be repackaged as a profile of the OAuth WRAP protocol. The idea is that OAuth WRAP could handle the actual connections between the websites sharing data and OpenID would then offer a standardized way to pass along profile data, relationships, access controls, and activities (what you’ve “liked,” “loved,” “favorited,” etc.).
So, how would that simplify OpenID for new users? For one, it would help solve the “NASCAR problem” — current implementations of OpenID often display a half-dozen or so sign-in options, and the effect is similar to the garish mish-mash of ads covering NASCAR vehicles. It’s visually and psychologically confounding.
Messina’s design would mean that, instead of an assortment of rainbow-colored logos from Yahoo, Google, Microsoft and other OpenID providers, there would simply be the singular black button above. He admits that after you click the shiny black button, the NASCAR problem might still be there on the next step — at least for now — though he does promise some additional screenshot mockups and suggests that “the browser could handle this at an earlier stage.”