OpenID study at Google

Google and Yahoo have both posted a usability study for federated and openid logins. Basically both of them hint at keeping things simple and as easy to use for the user. Google has a quite nice suggestion about the UI but they all but stop at going all the way.

We’ve done a lot of thinking on this topic regarding the demo and youtube movie I linked last week. We have a similar problem that our users have to login, somehow and then login again for OAuth like authentication with e.g. Facebook for extra features.

I really like Google’s UI but would like to suggest a few simplifications:

Basically the site should ask:

With what openid identity, email address or username do you wish to login (excuse ascii art)?

-------------------------------- ------
| http://www.jillesvangurp.com | | OK |
-------------------------------- ------

The user will enter whatever seems right and the server will make a best effort to authenticate with whatever the user provides. Then the server checks the following rules (using AJAX of course) against the address/username

This is as simple as it gets. Basically, the only problem is the user entering a username that is in use by somebody else. A password field will show and login will fail.

The failure should look like this. Login failed because the user and password are incorrect. You can either:

This is as simple as it gets and it still supports a wide variety of login mechanisms.

Advantages: