Fourteen and a half crazy frog burpers

20th November 2010

OpenID is NOT an ex-parrot!

Filed under: Human Factors,Usability,Websites — Tags: , — Alex Holt @ 2:01 pm

I’ve read a few Tweets recently that OpenID might be dead. Poppycock! OpenID is alive and kicking and as strong, if not stronger, than ever before.

An ex-parrot

What is OpenID? OpenID is a means of identifying that someone who’s visiting your site is the same person as someone who’s already been here. The was traditionally with Usernames and Passwords. If you successfully signed in, we assumed you were the same person. OpenID provides that level of authentication. It basically sends back a little message from the provider (e.g. Google) saying “Yo dude, not spoken in a while, but this customer you asked me about? Well it’s <INSERTGUIDHERE>. Just go ahead and log them straight in or create them a new account”. I now don’t need to store passwords as a website – this is great news!

Rob Conory (of Tekpub) recently wrote a very excellent article “Open ID Is A Nightmare” in which he proceeds to outline his case for why OpenID is turning into a nightmare for him. It’s an entertainingly written article in Rob’s quirky style that outlines his viewpoints as both a developer and as a business owner. The latter point, as he goes on to say, is the key criteria in why he’s reached the point he’s at at the moment.

A friend of mine was offering a ton of solutions to my Open ID woes over Skype the other day – insisting that it’s worth “investing in for the long run – the kinks will get worked out”. I sort of agree as a dev – as a business owner I couldn’t give a rat’s ass.

He is smart guy and has a number of very relevant points that anyone considering using OpenID should be thinking about. He had a number of OpenID unrelated issues (RPXNow downtime), but they all contributed to the main gripe he had about things: customers were unable to get into his site, a site they’ve paid to get access to. This is a key point. People are PAYING to watch the content over at Tekpub and through no fault of his own, they were unable to get in. The problem is easily wafted away, waving your hands in the air and saying “this is a user problem!”. The user created an account and then forgot which provider they logged in with in the first place! What fools! Let us all gather around a camp fire, eat sausages and laugh at their pathetic attempts at life. Except – lets not forget Tekpub’s audience. It’s techies. It’s developers. It’s people like us. If WE are capable of getting confused and lost as to what is going on – then the anecdotal ”mum” is going to struggle a hell of a lot more.

The bonus and one of the driving forces behind OpenID is the supposed “reduced friction” when creating an account with a site. As Rob points out, there is the issue because we can effectively get so little back from the OpenID Provider, that we’d be unable to dig out the account from the mass of other accounts with no additional data. The users account is effectively orphaned until they remember the provider they signed up with. Locked out and angry.

This debate took a whole other level of LOL when Scott Hanselman tweeted:

Is OpenID dead? Poor usability to blame?

For some bizarre reason, the Twittersphere decided that that was neither a question, but an official announcement from Microsoft that OpenID was about to fail. When in reality, it was in relation to Rob’s above post. Humourous to those unaffected, but I can imagine quite irritating and stressful to Scott.

What is wrong with OpenID?

OpenID is fantastic at doing what it’s does, but there is definitely room for improvement. Maybe not in OpenID itself, but in the way it is implemented. Some of the key things that I personally think developers need to consider when designing a login system that uses OpenID are:

  • Each Account should be able to have more than one Login method attached to it.
    This is something I think people have inherited from years gone by. Traditionally, an account has a Username and a password, and nowadays maybe an OpenID field too. In reality, the user should have the ability to add whatever authentication methods your site allows, to their account. A one-to-many relationship from Accounts to Logins. E.g. I might sign up with my Google account, then decide later that I want to create a Username and Password for whatever reason. Then a bit later, I spot you have Facebook Connect as an option – cool, I’ll attach my Facebook account to this site too. Now where am I? I have 3 ways of getting into my account. That’s great news – that’s a lot easier for me as as long as I guess one of them randomly when I’m prompted – I’m sorted.
  • Upgraded accounts require more information.
    The low barrier to entry should be set for standard users, but the minute you decide you want to upgrade them (make them a moderator or take payment for a service from them), you should require more information to make sure you can trace things when issues arise. Requiring this would have given Rob the facility to offer a “forgotten your password?” function on his login page that would solve the issue that paying customers couldn’t get in.
  • The ability to merge accounts.
    Unfortunately, people have lots of different accounts around the internet. They will probably, as Rob did when trying to access StackOverflow, get into your site using the wrong one and in the process, create a brand new account. In theory, what they wanted to do was log in as the correct one and then maybe add this new provider to their list of available logins. This is a tricky problem to solve, but it’s doable. You want to offer the option for a user to merge their two accounts, copying whatever appropriate data to their primary account. If you can achieve this, then you’re giving the users the ability to solve their own problems – great! And even if they don’t, you have a nice UI for doing it on their behalf.
  • “WTF does OpenID mean?”
    Seriously. I’m have no ready solution for this problem – but people don’t know what OpenID is and that’s because it’s techie. We probably need to drop the OpenID words from headings to merely part of the description for clarification, when displaying our Authentication Options. People should just be offered the choice of which site they want to authenticate via: Google, Yahoo!, Facebook or whatever. The issue still remains that people don’t exactly understand still what it means that they are being “authenticated by Facebook”. Half of them won’t care that they don’t know, but for the other half, you probably want to re-assure them of what it is that they are allowing you to do. I don’t want some random site I’ve just stumbled upon telling everyone on Facebook that I’ve done XYZ on website ABC. I think the OpenID selector is good – but is it perfect? Not really – it works for me and is very simple to use – but it doesn’t answer any questions you might have as a customer. As a developer, you need to do that. You need to ease their fears.

If I was creating a site now, would I use OpenID? ABSO-FRICKIN’-LUTELY! It’s great and makes it so easy to actually log into to a site. If I can transfer that ease-of-access to the customer, while not freaking them out – then I’m onto a winner! Is OpenID an ex-parrot? Not at all – it’s here for the foreseeable future in my opinion. And that is a great thing!

20th May 2009 – (Almost) Better Than Pie!

Filed under: Websites — Alex Holt @ 7:01 pm

I know, I know – it’s an outrageous claim! How can a website be better than pie? Obviously, a Meat Pie still has its place atop of the leaders board – but what about the Steak & Kidneys and Apple pies… can a website really be good enough to top them…?

I’ve been subscribed to Jeff Atwood’s blog, Coding Horror, for a year or two now – it always makes for an excellent read. He would say that it [consistently doesn't suck, or it sucks inconsistently]…

Anyway…! A bit back, he teamed up with Joel Spolsky (of Fogbugz) and he coded with help from others the very excellent Stack Overflow! Amazingly, for years we made do with generic Google searches and the scroll-bar intensive Experts-Exchange (which geniously, was named without the dash: ExpertSexChange). I’ve been a long fan and admirer and although I don’t actively participate much in the community, I’m in massive awe of what they have achieved and have been registered since the beta. They have literally taken the developer and programming community by storm!

There are so many things that I could mention in this post, but it would just go on for absolutely ages, so I’ll just try and list some of my favourites:

Open ID to Login:

Woah! What the hell is this OpenID lark? Turns out its mega kick ass! I’m sure I’m not alone in my naivety of this excellent standard, but what I’m hoping for now is that actually StackOverflow opens the eyes of developers everywhere and they all start to use this instead of yet more passwords and usernames! Not that you have to login of course. You can simply browse around and see all the answers and questions and to the most part – feel like a valued customer.

In addition to just using OpenID though, it does a really excellent user experience. To login, all I need to do is click the provider of my OpenID and then type in my username and it guesses the rest of my URL. It then sends me to my provider who I’m already logged in with and confirm I want to allow SO to find out about me – and BOOM! I’m born!

Look at all the colours! It's amazing!

Look at all the colours! It's amazing!

It’s A Question & Answer Site

All the existing rivals I’ve seen for StackOverflow were based on the tried and tested discussion boards technique. But this didn’t ever suit the function it needed to perform and answers could get lost in the midst of a page of differing opinions. This was solved in some cases by adding the ‘accepted answer’ technique, whereby someone would click to say that a specific response was able to satisfy their query. StackOverflow improved upon this model by adding a few mechanisms that allowed it to get rid of a few of the niggling flaws.

In an ideal world, everyone would know how to ask a good question and will include all relevant information. However, we don’t live in the ideal world (pie’s contain calories – do you need more proof?), so further information or clarification is often sought. This can be added into the original question, or as a comment in addition to it.

Creating the perfect question

Creating the perfect question

As you can see in the example above, the site is built towards not only getting top quality answers, but top quality questions too! Eljenso asked this question, but there was some debate over the question and what was meant by “flow”, between the original poster and the other users, they came to a fairly decent understanding. You can also see the question was edited – this was probably by the original poster. But if you are sufficiently trusted by the system (you have a high enough ‘reputation’), you’re able to rephrase the question, correct spelling, format code better – whatever you feel will help the correct answer appear.

Badges & Reputation

So, you have a fab site with an excellent mechanism for logging in, a clearly defined purpose (in being an “questions & answers” site), you even have the means to allow people to create the perfect questions – but without a great answer, or more specifically, without a constant flow of great answers. Your site is worthless.

StackOverflow tackled this in an interesting and seemingly extremely successful way. Reputation and Badges. First, let me say that StackOverflow wasn’t launched from nothing. Jeff Atwood had a big following thanks to his blog, and similar could be said about Joel Spolsky. If they blogged about this new project and asked for participants (including on the blogging site devoted to StackOverflow that existed throughout development) – they would have got hundreds if not thousands of offers from their readers. This didn’t rule out the need for (not only a good product, but also) a good marketing campaign. This they did well with their blogs and with the very excellent and entertaining StackOverflow Podcast (recommended and available from iTunes too). Basically, the problem they had wasn’t in gaining an audience – it was in keeping it. They had to create a site that was engaging and encouraging to read and answer questions for. They achieved something better though, they created an addiction. They managed to create a site that rewarded and encouraged users to not only reply, but reply well! So many sites reward for the most amount of posts, whereas StackOverflow lets other users say whether your points total should go up, based on how useful they think the question was.

The one thing that takes this really to the next level, is Badges!

Jon Skeet's badges have been removed to avoid the need for Horizontal Scroll

Jon Skeet's badges have been removed to avoid the need for Horizontal Scroll

There are the three types of badges indicating the difficulty of gaining them, and these badges are shown on your user profile so that people can see your achievements (and to some degree “trustability”). Even when you post a question or answer, people can see the number of bronze, silver and gold badges you have, along with your total reputation. These aren’t new ideas please note (badges for example are simply the same as XBox Achievements), they are just great implementations of them. Why re-invent the wheel? All you have to do work out how to get all the best ideas into one very nice, round package. This system they created, did that very well!

A quiet moment should be inserted here in homage of the great Jon Skeet. Almost double the reputation of his nearest rival using that age old formula of ‘writing an excellent and accurate answer’. /bow.

Maybe Google is just fibre optics into Jon's mind...?

Maybe Google is just fibre optics into Jon's mind...?

In short – it’s really worth checking out! If you do any sort of programming (or if you’re a responsible for the servers, then maybe visit – the sister site, an almost clone of StackOverflow by the team), then you may find help (or be able to help others) at this site. If you do get addicted, please don’t forget to eat (though feel free to send the Pies to me!)

Theme designed & built for by Alex Holt. Powered by WordPress