August 23, 2009 at 21:44

Never say the word ..., or register in 2 clicks


    People do not really like to register. It’s necessary (in the general case) to come up with a login and password, go to your mail, wait for the letter, open it, follow the account activation link, and then remember this login with a password. But after all, there has long been a way by which all these steps are not needed. Moreover, you do not need to enter anything at all from the keyboard, 2 clicks of the mouse and that’s all, the person is registered.



    What is the most common element in todo startups? I think something like this: "The plans are to make login using OpenID." Why not do it? Because there’s no reason. Nobody knows about OpenID, nobody needs it. I got the impression that login or registration on OpenID is usually done in order to show the technological advancement of the project. But OpenID can be an extremely useful thing that simplifies people’s lives and increases the number of resource users. Further - my vision of how to apply this technology correctly.

    Facts


    For starters - the facts:
    1. Mail users yandex.ru, rambler.ru and gmail.com in total cover a very large percentage of users of the RuNet. Of the mail services, only mail.ru is missing here.
    2. Yandex.ru, rambler.ru and gmail.com are providers of OpenID 2.0.
    3. For authentication via OpenID 2.0, you do not need to enter anything from the keyboard at all, if the site knows the OpenID provider and the user is authorized with this provider. In OpenID 2.0, the server address is the same for all users (in the url, the username does not appear anywhere).
    4. Users do not know (and do not want to know) what OpenID is. Well, maybe 1% heard somewhere that this is such an incomprehensible thing for geeks.

    What follows from this


    In Russia (and the CIS), it is entirely possible to consider only 3 OpenID providers: the aforementioned Yandex, gmail and rambler. If you give users a choice of these 3 providers, then with a high degree of probability somewhere in a person will have an account. The user selects his provider from these 3x (1 click) - the site now has information about which url to use for authentication using OpenID. After that, you can carry out the usual authentication procedure for OpenID. If the user is authorized by the provider, then he confirms the authentication (1 more click). If not, it logs in (it’s different for everyone, at best - 1 click, the browser has set up a username and password), then confirms the authentication.

    What we have: primary authentication in 2 clicks of the mouse (if the user is authorized in his mail). At the same time, the site can either register or authorize the user. Additional data for registration (if necessary) can be obtained by SREG, hCard, ax, something can be fished out from the openid login (for all this, the user does not need to perform any actions). If something needs to be filled in yet, then ask the user further. Note that asking will need to be potentially less than with regular registration.

    Repeated logins will occur in 1 mouse click (if the user clicked “remember connection” during authentication), as in the case of autocompletion of the login-password pair by the browser. Well, of course, no one has canceled cookies to remember user authorization.

    Interface


    Now about the interface.

    It seems to me to teach users what OpenID is - a dead number. And it is worth starting from the fact that even just using the unfamiliar word “OpenID” can scare away an ordinary person. The average user has mail and an account on VKontakte or on classmates, that's all. The fact that my sister does not want to drive into some strange things with strange names (such as OpenID) is nothing wrong, this is absolutely normal. Most people, I think, will never know what OpenID is. From this premise, I propose and build a user interface.

    Here is my version of such an interface:


    Actually, this is the registration / authorization form on pip.ec. The user does not need to check mail, activate an account, come up with a username and password. Moreover, in a successful case, you do not need to enter anything at all from the keyboard, 2 clicks of the mouse and that’s all, the person is registered.

    But all this is a theory that can cause different questions (will people not be afraid of going to another site, will they click “authorize”, etc.) that only practice can answer. So what in practice?

    Practice


    In addition to registering for OpenID on pip.ec, the possibility of regular registration has also been made. The statistics is this: using OpenID, more people are registered than in the usual way. There is not a single mention of the word OpenID on the site. People who register in the usual way and have mail on gmail, Yandex or rambler are generally units. Of those who register in the usual way, half are mail.ru users.

    conclusions


    The conclusion from all this: OpenID 2.0, with the right approach, simplifies the life of users and increases the number of registrations. There is nothing geeky and marginal in it in the sense that users do not need to know that you have registration-authorization through OpenID.

    Implementation, technical details


    As for the implementation. Firstly, a little help, addresses of openid providers (remove the underscores):

    Google: _https: //www.google.com/accounts/o8/id
    Yandex: _http: //openid.yandex.ru/
    Rambler: _http: / /rambler.ru/

    Secondly, about libraries for working with openid. I am sure that for different languages ​​there are many libraries that support OpenID 2.0, if I write them in the comments, I will add it here. I have everything written in django, the code is a bit specific and I did not select it in a separate application. For the django, I would suggest trying a new project that Alexander Koval wrote (he did not try it), or this is a good application: django-authopenid , or this one: scipio .

    Third, all those interested I highly recommend a blog and a forum about OpenID Ivan Sagalaeva (which, incidentally, is also threatened shortly unreleased unreleased right openid-Consumer for python / django). If something about OpenID is not clear, read the article from there: OpenID: myths and superstitions , there was already somehow a link to it

    Everything that I wrote here is far from news, I just decided to systematize everything a bit and convey it to a larger audience. The fact is that yes, this is all not news, and projects using the described approach are not visible here.

    And yet, an appeal to the mail.ru team. Suddenly one of them will read an article. Please become an OpenID 2.0 provider. Sooner or later, developers will cut through the chip and make sites with three buttons “Yandex, gmail, rambler” more massively. It will be better for everyone: mail.ru, users and developers, if instead of 3 buttons there will be 4: “Yandex, gmail, email, rambler”.

    If you also think that it would be great if mail.ru became an OpenID 2.0 provider, you can still write more letters to the technical department of mail.ru, the address is here: corp.mail.ru/contacts.html
    Tags:

    Also popular now: