Janine was trying to comment on a blog the other day and asked me “what’s this OpenID thing?”. It appears that some Blogger accounts require you to sign comments with credentials from one of several sites or OpenID.
Her confusion was an indication of how far OpenID has to go before it will be usable by everyone. It provides the basic plumbing for authentication but its usability issues are a major problem.
Even if I’d tried to explain to her what OpenID is, the fact that logging in would jump her to another site then back again would have completely freaked her out and destroyed any notion that this was “simplifying” the login process.
This is a typical example of what happens when you let the implementation details poke through to the user.
The underlying protocol works by jumping between sites but this is the antithesis of what the user actually wants to do. They are at site A and they want to log in. Taking them to Site B completely destroys their conceptual model of what they are trying to do and sparks one of those wild-eyed “what the hell is the computer doing now?” moments.
It looks like these shortcoming are starting to be recognised so OpenID still has a chance of being integrated smoothly into the user’s browsing experience, but it’s a shame it’s had such a bad start for want of some up-front brainstorming on what user’s actually want to do.
Anyway, I’ve been experimenting with OpenID on and off with WordPress plugins and found it kind of clunky to set up reliably. An article on WebMonkey suggested that you could use Blogger as an OpenID provider by pointing your domain there. I did and it does.
Now I’m set up with a working OpenID and I can play along as it (hopefully) evolves into the universal sign-on we are looking for.