charmian: a snowy owl (Default)
The discussion on whether openID is undesirable seems to have picked up a bit here.

In general, though, there seem to be two potential ways openID may be undesirable under discussion.

The first is that openID accounts may be bots/spammers. However, according to what people have said, on DW openID accounts haven't been a major source of spam. Also, both on LJ and on DW, an unvalidated openID account is considered equivalent to an anonymous account, but an openID account which has been validated is considered equivalent to a member. So, just like a regular account, an validated openID account is presumably more likely to have a real person behind it. Therefore, I can't really see much difference, anti-spam-wise, between the two.

The second is that treating validated openID accounts as equivalent to members constitutes a security flaw. Coming from only the LJ-perspective, I don't agree with this either, because restricting comment to members only strikes me as more of an anti-spam measure than a security one. If anyone can sign up for an LJ account at any time, it doesn't make sense to me to consider LJ users at large a 'trusted group,' since any person can sign up for many accounts. Also, LJ doesn't require people to provide any public information about themselves to other users, so I can't really say that making an LJ account makes a user more 'known.'

I also think that the LJ devs didn't want to encourage users to consider LJ members as a 'trusted group,' as shown by their refusal to implement 'members-only security level.' IIRC this was dismissed as 'security by obscurity.'

(That said, I'm not so sure people are unable to navigate the concept of members-only-security as much as the devs thought they would be able to. It seems to work out ok on social networks which have this feature. However, I would be strongly against this on DW UNLESS they stop having invite codes, in which case I'd personally not really care one way or the other.)

(Also, I'm against the idea of a members-only (excluding openID) commenting level on DW as long as invite codes remain. If there's open registration like LJ has, I have no problem with it.)
charmian: a snowy owl (Default)

The commenter makes a good point, in that does it really count as openID adoption if you can't really TELL that the sites are using openID and there is no generic openID login? <--the blogger responds.

On Dreamwidth, it seems, there is reportedly some feelings that openID integration has gone too far:

I personally haven't seen this kind of sentiment mentioned, so I can't really say much about why people feel this way.

Also, word of a troublesome (now fixed) bug at LJ. This was major flaw, and thankfully, it was discovered quickly.

Is it normal for bugs like this to slip through? 0_o

another point

Friday, July 30th, 2010 07:50 am
charmian: a snowy owl (Default)
[personal profile] matgb brought up a really, really good point in the comments of the last post: what happens if I trust/friend an openID account, and that account is deleted and someone else renames their journal to it? Won't the owner of the renamed account have access to all of the content that the account formerly had access to?
charmian: a snowy owl (Default)
Recently, LJ had been restricting openID usage of LJ accounts which had been renamed. The problems seem to have been resolved to some extent, but I'm not sure what they'll end up doing in the long run. Basically, the problem has to do with renames. If you delete your account, and I rename my account to take up your old username, I can use openID to login to sites where you have previously left data under the open ID identity, view it, delete it, etc, and represent myself as Now, probably you can say that since you abandoned, you implicitly consented to my assuming the identity; however, I'm worried about the privacy implications this has. Many users do not understand openID or how it works very well at all. If you understand how it works, it becomes immediately obvious the renamed LJ account would be technically indistinguishable from the prior LJ account, but many people don't understand openID and also, could have used it, but not remembered that they had.
openID combined with potential new LJ policy creates some potential serious social problems for sites where LJ users log in with openID )
charmian: a snowy owl (Default)
I just installed Intense Debate, which is like Disqus, only it's owned by Automattic and thus integrates even better with self-hosted Wordpress. So far, I'm liking it, especially because I can install Facebook Connect and Twitter login without having to install separate plugins. Since my blog receives a lot of search engine traffic, it makes a lot of sense to me to have FB connect and Twitter login as commenting options, I feel. The blog also receives quite a bit of traffic from LJ (although I'm not sure how much is really from LJ users, as there's like an index post which happens to be hosted on LJ which links my blog), so ideally I would like to have an "LJ login button" (the actual mechanism would be openID) too) But anyway, with the button already being there, maybe it's already too 'Nascar-ized.' If no one uses the Twitter option after a few months, I may remove it.

Twitter login didn't require any additional customization, but to install the FB connect, I needed to go to Facebook, make an application, and enter in the API key to Intense Debate, as well as some URLs to FB itself, but this only took a few minutes, and now it appears to work. I had no idea it would be so easy to implement FB Connect, from the user perspective.

Anyhow, while writing a post to users about how openID could be used to allow them to use their LJ identities to comment, I also wondered, what about Gmail? What would you need to type in for using openID with Google/gmail? I actually couldn't figure it out off of the top of my head.

Poll #2530 openID w/ google
Open to: Registered Users, detailed results viewable to: All, participants: 29

Do you know what to enter in the URL box to use your Gmail/Google account as an OpenID? (off the top of your head; don't use Google to find out the answer)

View Answers

4 (13.8%)

25 (86.2%)

What's OpenID?
0 (0.0%)

What's an URL?
0 (0.0%)

so, what's the answer? and more about Nascar-ization )
charmian: a snowy owl (Default)
There's a suggestion on the DW Suggestions comm about automatically putting in a LJ OpenID login form when posts are crossposted to LJ. I'm in favor of the general sentiment that OpenID is not really intuitive to the average user, and inconvenient besides (especially compared with Facebook Connect and the Twitter login), though I'm not sure this is the only way to deal with the issue.
more on this subject )

is openID enough?

Thursday, October 22nd, 2009 09:04 am
charmian: a snowy owl (Default)

Matgb brings up a good point here: for people whose LJ/DW journals are read by a lot of people who are not LJ users, openID isn't that helpful. OpenID is not that intuitively understandable to the non-technically aware. Even on LJ, where because it's harder to use than other platforms users might be said to be more internet-aware than your average bear, people needed to have openID extensively explained to them before they understood it.

Also, openID works well for users who are already members of livejournal (or blogger). However, although other sites might use openID, it's not clear to the average user which sites do, and even if so, what they must enter in to do so. (For example, in the FAQ there is no discussion of the fact that Gmail and Yahoo also support it). I guess if anyone besides people who already have LJ or DW accounts read this blog, I would also wish that Facebook Connect and Twitter users could comment (Posterous has this).

BTW, Tumblr users: it seems you can use your Tumblr blog as an openID, and if you use IntenseDebate instead of Disqus, you can have openID people comment also.Disqus now supports openID.

May 2014

18 192021222324


RSS Atom

Most Popular Tags

Expand Cut Tags

No cut tags