for a user who has authenticated with a user account, say, "foo@gmail.com";
and for any reason, he tries to login Open ID with his "bar@gmail.com",
i.e. with identifier http://openid-provider.appspot.com/bar, he'll see a
screen as attached.
There are a few problems:
1. given the user try to authenticate as another user, there is no
indication of authentication failure to both the user and the relaying
party
2. links like MyAccount, Download Source, OpenID are confusing and may lead
the user to elsewhere. In the latest Yahoo OpenID usability report, it is
indicate those are evil.
3. as suggested in the google's Usability Research on Federated Login
report, the user may login with an email address. i suppose the relaying
party should convert the email to OpenID URL, so the user actually do not
use OpenID URL, and the message on screen about "Just enter http://openid-
..." may give the user no clue of what's going on.
4. I wonder the Recent OpenID Requests is broken. even if it is not, it's
quite confusing.
5. The confirmed, Remembered, Declined buttons are broken. they are never
clickable. and don't know what are they about.
I wonder if i have get to the wrong place to look for google's openid
support. is it really the official Google OpenID provider site?!
Original issue reported on code.google.com by mingfai...@gmail.com on 1 Nov 2008 at 9:26
Original issue reported on code.google.com by
mingfai...@gmail.comon 1 Nov 2008 at 9:26Attachments: