Easier Registration with OpenID?

Today I have read an article on a Swiss blog which really made me think. The author’s company is offering various courses on research on the internet and also on using Web 2.0 services. He mentions that many participants of those courses have problems registering with Web 2.0 services and setting them up properly because the registration process was too difficult for them.

What’s the big deal about registering with any service? Well, that has been my first thought. I – and probably most readers as well – sign up to sites almost daily. No problem: user name, password, every now and then OpenID, some very basic profile data and you can start using a new website for your own benefit.

So why should there be any problems? According to the author because people are stillstuck in Web 1.0. They didn’t need to register with any sites before and are not used to it. This is raising two questions:

Is there a gap between internet users?

The question deserves an affirmative answer, I think. Ask family members, friends, and colleagues if they have heard about or even use RSS, blogs, Twitter, and Digg. I guess most will negate the question. Sometimes we seem to forget that most people still don’t spend a lot of time on the internet and therefore don’t know much about new trends and services. Recently I have participated in a survey about technology and internet. One question was how many hours I spent on the internet each week; the highest number I could choose was 20 hours. Yes, just 20 hours.

Can OpenID profit from it?

I am not sure. Of course, just a single password was required anymore and most profile data could be stored centrally at the OpenID provider. But wouldn’t users be even more confused if the relying party was forwarding them to the IdP and from there back to the relying party?

While I think that signing in to websites with an OpenID is pretty straight forward already, the process should be even more simpler and as unobtrusive as possible. Most people expect a quick registration process without any hassles. The involvement of a second website (=Idp) will put many off, I guess. So the IdP should be almost invisible to them. I don’t know if that’s possible but it should be considered if OpenID was to be adopted by a large number of users.

22 thoughts on “Easier Registration with OpenID?

  1. I totally agree on those two points, many non-techies will have problems with OpenID. But I think that with the time they will get used to it.

  2. I really hope so because OpenID is simplifying the registration process.
    Though while I have been aware of the gap between different kinds of people using the internet, I never thought that registration was really an issue. The gap is probably even bigger than I could imagine. Makes me think.

  3. I also didn’t think registration is a problem. Again, isn’t it plain false to say the Web 1.0 didn’t require registration!? There were also discussion features on news sites or forums which required registration. And if you take todays social networks (and even 1.0 dating sites and thelike), there are not only tech-aware users on them. Anyway sites should try to make this process as simple as possible, not too confusing. OpenID might really confuse people in the beginning, but I believe they can learn how that works because the concept isn’t too complex. It’s the job of the OpenID providers, especially big sites who become OpenID providers now (like AOL), to explain their users what OpenID is and how they can use it. And then OpenID lowers the barrier to use a new site which is, what I always say, an advantage for businesses on Web 2.0.

  4. Yes, people had to register accounts for free email providers like Hotmail and GMX and also to sites like you mention. Maybe it’s not just registration but really setting things up, even if it’s just digging a story on Digg. I don’t know but I guess the author of the article is knowing his clients pretty well.

    I agree on your point about big IdP’s like AOL. If they really want to push OpenID they better start explaining it to their users now.

  5. “Is there a gap between internet users?”

    yeah, there is. And as using rss properly is like driving on the highway whilst not using it is like walking, the gap gets bigger every day.

  6. There is a new Pew study on internet and mobile devices use of US Americans which is pointing in a similar direction.

  7. The problem with OpenID is that it’s “difficult” to really share profile data.

    As a website I want to have a user register, give me their email address and a bunch of other tidbits (Name, location, etc.,etc.) So here comes OpenID — great I now can “skip” the one page of please pick a username and password, and trade it for 2 pages of “login with your openid”, approve that your openid should share information with my site (typically a horrid page design). Come back to my site and I’ll still give you just about every text box that you would have had anyway, plus I’m going to present either a captcha or a confirm email flow just to make sure that i’m not getting spammed.

    So as a site builder, there’s little value in OpenID … As a user I don’t have to have another username / password, but heck it’s the same everywhere anyway…

  8. “…but heck it’s the same everywhere anyway…” :D That’s one reason why I really like OpenID. I KNOW that I used just two or three different user name/password combinations because I’m lazy.

    Anyway, I see your point. You want control on who is using your website. I can understand this. Though is it really necesary for your (or anyone else’s) website to store data like my email address? You can’t make much use of it if you have a privacy statement which doesn’t allow disclosure of personal identifiable data to a third party. Also it is not really necessary to use captchas or confirmation emails to block spammers. If spammers can sign up with an OpenID they can also sign up with disposable email addresses. I am naive, ain’t I?

  9. Spammers, I hate spammers… In a previous life I worried about email spam and writing anti-spam software, now I’m dealing with link URL spamming for PageRank. I dig into some of the spam accounts that are created and they are using disposable yahoo email addresses to create their accounts.

    OpenID vs. InHouseID they really don’t prevent or promote spam in any way, the biggest problem is that all a spammer needs to do is set up effectivly a NULL authentication provider — forget disposable email address, it’s disposable providers — as any OpenID credential is valid. Now, we’re off in a land of creating openid credential trust networks, possibly verisign shows up and makes some grand claims.. In general, the OpenID network (aka the whole internet) becomes the weakest link. For InHouseID — sure I’m not going to claim to have a perfect solution, but at least I can enhance or modify the security measure as I see fit along with a minimum standard…

    It’s not about our Privacy Policy — since while I won’t sell your name … I will spam you (oh, notify you about new features). If it wasn’t for that I would still need your email address to confirm things, notify you about specific events on your service, try to convince you to come back once in a while…

  10. OK, an email address might be useful. As a relying party you could use the OpenID Simple Registration Extension (see also here) so you can retrieve the user’s email address. Though while I favour OpenID I don’t think all websites have to implement it; it’s their decision. OpenID is still in a rather early stage of development and will improve over time.

    Some related reading material:
    Email as an OpenID proposal
    Debating emails as 1st or 2nd class OpenID citizens
    An OpenID is not an Account by Simon Willison

  11. I have to agree with Carsten: OpenID is not applicable everywhere, and still in an early stage. There are some changes/extensions that are being made to the protocol, and hopefully they solve some of the issues. The OpenID protocol takes some load from the users and moves it to the server, but I believe it’s worth it, with OpenID it’s much easier to get new users to “register”/use your site.
    Time will show if OpenID is good or bad :-)

Comments are closed.