I was going to title this blog post "I don't want your stinkin' password!" but realised that this isn't the first site that uses entirely OpenID, OAuth and stuff.
On Around The World you can now log in with either your Google account, your Twitter account or simply by entering your email. It looks like this:
What's neat about this is that it works independent of if you've signed in before (aka. log in) or if you're new (aka. register).
What's not so neat about it is that people might not recognize it. We're so used to both registration forms and log in forms to ask for passwords. Often, you can quickly tell of it's log in because you expect two input fields.
Another slight flaw with this is the fact that my emails usually take several tens of seconds to send. This is because they're sent by a cron job async. So, people who enter their email address might get disappointed if they don't get the email immediately.
Anyway, let's wait and see if people actually use it. At least it means you don't really need a third party service and you don't need to type in a password.
Comments
Post your own commentYou're right that this combined register/sign-in flow (what Persona also recommends) feels weird to some people.
I think Marketplace solved it in an elegant way with their single "Register / Sign-in" button though.
Where does Marketplace have a "Register / Sign-in" button?
I think this might be one of those points in history where people will have to change and adapt. The era of entirely separate registration process and log in process is over. Hopefully. And we just need to shoehorn followers into this.
I'd love to hear what the usability gurus have to say on this topic.
Where is Persona? =)
Persona didn't exist when I started this. I'll add Persona some day. At the moment, Persona isn't a strong consumer brand outside the tech community. That's why I haven't rushed to it.
Note however, that my other site http://hugepic.io only has Persona as the only way to sign in.
By the way, the Google and Twitter authentication has the awesome feature that it gives my site your First- and Last name. This, I think makes the experience better because when you set up your League of Friends it's all using real names rather than email addresses or guessed usernames.
So, for social reasons, Persona is inferior to Google/Twitter/Facebook.
I love Persona but it's not always my first choice.
You are still referring to it as "Sign in and registration" and have put it up front and using the "Sign in to save your progress"-link. It could just be a "Save your progress"-link that presented a perma/short-link and the option to "Send the perma-link to my email:". This would really be the same as the functionality you have now, but with less focus in "registration" in the UX. If you put the progress in a cookie, I really only need the email/link if I delete cookies or want to get at the data from another browser/device (or want to use the mail as a "bookmark" for the page).
The title "Sign in and registration" is unfortunate because it's all just sign in. However, I still feel uneasy about it. People might think "Oh. That's where I go to log in, but how do I register or sign up?"
By the way I don't understand what you mean by "-link that presented a perma/short-link". Can you elaborate what you mean?
(Just got an email about this reply today. Quite a delay)
For better or worse, I believe, people are used to the username/password/signup/login-flow. So when trying to teach them a simpler/better way, I thought it might be an advantage to make it look like something they might already know. Permalinks and short links are common ("permalinks" was at least common for blogs in the past, and "short links" became popular with twitter and its artificial length limitation and are still found on e.g. youtube), so you might make it look like something the user knows (and doesn't find scary) by using those terms, since the functionality is actually the same. The only reason for the extra option to send the link as an email, would be to let the user use the mail as a reminder.
The only real difference between such a flow and the ordinary username/password is that the site doesn't get a "validated" email, which can be used for "spam" the user.
Really like the idea of using just email and no need for password, but ... One thing I either missing or ...(?) If only requirement to e.g. in Around the World case to "pick up" progress is email address then anybody knowing the email can "log in" and change things, in Around the World case play the game under other person name.
How is that? If I knew your email address I could not sign in using that. If I type in your email address *you* will get the verification link, not me.