Google Usability

Title: Googles Usability

Session: (TH5C)

Convener: Eric Sachs

Notes-taker(s): Sha-Mayn Teh

Discussion:'

Overview (Eric):
 * demo of the two-tab approach
 * demo of the identity selector
 * discussion of multiple identities

Benefits: * Higher signup rates for new users and higher return/login rates by existing users
 * Lower customer support costs for handling problems with accounts
 * Improved account security by leveraging the security features and scale of large identity providers like Yahoo, Google, Microsoft, AOL, etc.
 * Users obviously also benefit from the improved user experience that can be achieved with OpenID. Audiences recognize the demo is a long-awaited activity by the OpenID community.

Q: If a gmail user input his email address and password as in legacy way, can the user login successfully via openid? A: Yes, and we provide a training page to notify the user that next time he can simply choose the second login tab.

Q: Can the order of the listed nascar icons change? A: Yes, each RP site will customize its desired list.

Q: How was the website built, and how much lines of code were needed? A: The website was built by taking a popular e-commerce website package, OpenCart, and then extending the login system with a new login-box to support OpenID, as well as adding the necessary backend support. Several thousand lines of code.

Q: Will Google be making the code open source?

A: The current code was written for research purposes, and is not in a form we could open source. However we plan to continue our research in this area based on feedback from website owners, and we may provide some parts of the site as Open Source. For example, the login box user-interface is built in JavaScript and so we are evaluating how we might provide that as a stand alone component.

Q: Will this work for non-listed IDPs?

A: Yes, end users can input email or openid of non-listed IDPs.

Q: Have you tried css history for remembering accounts?

Multiple identities (Chris Messina)
 * How a user can identify in a way that is meaningful to themselves
 * Email/password works fine, but when they take creddentials to other sites
 * Using photos works well in browsers and mobile devices
 * Concept of incognito window - could you also have identity windows?
 * how to work well with multiple accounts?

Mozilla demo:
 * Browser takes over OS. user selects accounts and authorizes the browser to take over for this session
 * Identity at browser level:  incognito mode or use one of multiple identities

Quora:
 * Different profile photo shown on login page when you type in the email
 * Shows account picker on signed out page

Branding of the Plus sign
 * Is it sufficient to have a plus sign for users to know that they should add an account if there are none yet? No better icon so far.
 * If there is just one text box people think it's a newsletter signup, but people blindly respond to two text boxes (user/password)

Comment
 * add mouseover to the plus sign "add a new account"
 * Express login will become a competitive advantage

Q: How about showing both tabs on the same page?

A: We've tried many permutations (email, password/no password, buttons). People don't read, they get confused and do nothing

Q: Comment on passpack: tool that will fill in the password field for you. Why not do something similar?

A: Login box should work for IE5 with no plugins

Training page
 * shows you what you should be clicking, so you notice the 2nd tab tested against people who never used a google account, 30% of users noticed the tab and recognized the yahoo and aol buttons

Q: Reducing Nascar buttons

A: Using xAuth
 * if you go to a site that you've never visited and something shows up about them, it scares them (facebook does it anyway)

Q: Clicking plus button on one website
 * how to make it work across sites?
 * enterprises want to make it easy for their employees to log in in many places

Comments:
 * Single log out is a hard problem. Make it an advantage/feature
 * Removing the box should mean i want to clear myself

Q: How do people react to training?
 * 60% need 1 training, 30% need 2, 10% need 3. Generally positive response.

Q: What about non-openid accounts in the selector?

A: There's nothing in the UI is specific to openid

Q: What about personalized bookmarks? Drag your identity from the browser into the site

Q: What about making 2nd tab the default? A: from the sites that tested it: all sites switched to first tab until 70% With 3 idps (AOL, Yahoo, Google) looks like they can easily reach 70% Hard to do AB testing on same site.