My Photo

« ValleyFreude: Taking Pleasure in Geek Pain | Main | Facebook: Big, Sticky, & Growing »

Monday, February 12, 2007

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d834517b5669e200d8351859b369e2

Listed below are links to weblogs that reference Middle America vs Silicon Valley, or "crap i forgot my password" <> OpenID, and the illusory quest for single signon:

Comments

Marko

I don't understand his point...

Aaron

Hey Dave,

Thanks for the comments on my post on Startupism. Just so you know, I have no problem with swearing, and no problem at all with the point you were trying to make. I completely agree that geeks often do not look at problems the same way everyone else does, and that often means the solutions don't work/don't make sense/are too difficult to use/grasp.

(Side note: MORE HECKLING! I'd heckle but as a non-panelist and non-pseudo-internet-celebrity I would just get kicked out.)

I think a major reason that 'middle America' isn't going to care about social network data portability is that different web sites and social networks are positioned differently in our minds - Myspace has the info about us that we have given it, which is a different set of information than what Facebook has. Most people, as far as I know, aren't going to be dedicating a lot of time to more than a few social networks, and will use sites with social networking features (event invites, photo sharing, things like that) only as much as they need to.

So why wouldn't I want portability for that information? Not because I don't believe in open standards or anything like that, but because I do not want all of these different web sites to have all the information about me that they want. They need to earn my trust, right?

I still have a sour taste in my mouth thanks to certain sites/networks' constant scraping of address books and other data to spam me because of other peoples' stupidity. By default I do not trust new social networks.

-Aaron

George Hotelling

I definitely agree with you that service provider adoption and user education are the two biggest hurdles for OpenID.

I only hope that it winds up like Internet email where the geeks use it and eventually it trickles down to normal people and the network effect forces silos to open up; and not like Jabber which is a great idea on paper but hasn't gotten traction with major service providers (outside of Google) and "Middle America."

Dave

George -

the issue isn't whether OpenID is useful or not... of course i'd agree it is.

what i was trying to say is that the messaging & implementation around OpenID doesn't appear to be very easy for the average Internet user to digest (imho), and isn't setup well for success.

also, solving the problems as you suggest STILL depends on the mass market adopting OpenID -- and that means more than Microsoft & AOL just announcing support for it / experimenting with it.

having supported technical education & evagnelism at PayPal between 2001 and 2004 for both merchants & users, i can attest to the challenges of a) getting broad implementation, and b) getting mass adoption & user understanding.

in many ways, the use of PayPal as a centralized payment solution that enables use of multiple payment options while protecting user info mirrors the single sign-on implementation of OpenId. however, getting people to use & understand PayPal was a big and ongoing challenge. the same issues face the implementers of OpenID.

so while i agree it COULD solve the problems you mention, OpenID has to be implemented, positioned, and communicated well to the user base in order for that to happen.

and that's where i remain perhaps a bit skeptical.

i'd say there will still be a lot of people who depend on siloed identity systems provided by the big platform players, and that for many end users this will be a simpler solution -- since many of them will have already chosen to use / setup Google or Yahoo or other accounts, they will probably work as well or better for many users.

similarly, independent services & startups may see less "friction" with user education by simply offering to authenticate with Yahoo or Google (or Microsoft or other) identity services over OpenID.

in summary: i'm not against OpenID per se, and the benefits are perhaps there down the road, but they have an uphill challenge.

my .02,

George Hotelling

First off, Yahoo! isn't (publicly?) trying out OpenID. idproxy.net is a 3rd party mashup that translates OpenID requests into Yahoo!'s BBAuth API. All it does is provides a way for people to use their Yahoo! account to authenticate against an OpenID URL.

Also, add Microsoft to the list of giant companies supporting OpenID.

As for the practical value, IF (and it's a pretty big if) OpenID gets widely adopted, it will fix a lot of the problems you identified with regular users:

"crap, i forgot my password"

Now they only need to reset their password once and they can still use their OpenID URL to log in, instead of having to reset their password on every single service they use.

"crap, why won't this site let me use my normal [5-letter, insecure, kid's first name] password" and "crap, i forgot that other password i occasionally use"

Now they can either pick a strong password and not have to remember any other ones, or they can go with an OpenID provider that allows weak passwords and not have to remember any other ones. Either way, those problems are solved.

In fact, OpenID appears to fix more of your "Middle America" problems than your "Silicon Valley" problems. AFAIK OpenID doesn't currently have any way to synchronize social networks, so 1,2,3 and 5 are not fixed by OpenID.

If Damon is right above about "forgot password" eating up the most customer service time, OpenID will be a huge money saver since web sites can offload that customer service to the OpenID provider. Of course at this point adopting OpenID would cause more customer support requests than it would prevent, but IF (big if again) OpenID hits the tipping point it will be a cost savings for companies.

Damon Billian

Believe it or not, "forgot password" is probably one of the single largest drivers of contacts into a customer service channel (even if you have a forgot password option available on the login screen!).

I think that you have an excellent post on defining needs for a larger audience (the common internet user) & that things that are too complex won't be adopted by your general user.

I really hope you don't have 500 passwords:)

Andrew Parker

Dave,

Perhaps you've already read this, but danah boyd has excellent thoughts on this topic (in particular, the behavior of the average social network user):

http://www.zephoria.org/thoughts/archives/2007/01/01/ephemeral_profi.html

The comments to this entry are closed.