To OpenID or not to OpenID? Is it worth it?

Posted 2019-01-21 08:25

Question:

Does OpenID improve the user experience?

Edit

Not to detract from the other comments, but I got one really good reply below that outlined 3 advantages of OpenID in a rational bottom line kind of way. I've also heard some whisperings in other comments that you can get access to some details on the user through OpenID (name? email? what?) and that using that it might even be able to simplify the registration process by not needing to gather as much information.

Things that definitely need to be gathered in a checkout process:

  • Full name
  • Email

(I'm pretty sure I'll have to ask for these myself)

  • Billing address
  • Shipping address
  • Credit card info

There may be a few other things that are interesting from a marketing point of view, but I wouldn't ask the user to manually enter anything not absolutely required during the checkout process. So what's possible in this regard?

/Edit

(You may have noticed Stack Overflow uses OpenID)

It seems to me it is easier and faster for the user to simply enter a username and password in a signup form they have to go through anyway. I mean you don't avoid entering a username and password either with OpenID. But you avoid the confusion of choosing an OpenID provider, and the trip out to and back from an external site.

With Microsoft making Live ID an OpenID provider (More Info), bringing on several hundred million additional accounts to those provided by Google, Yahoo, and others, this question is more important than ever.

I have to require new customers to sign up during the checkout process, and it is absolutely critical that the experience be as easy and smooth as possible; every little bit harder it becomes translates into lost sales. No geek factor outweighs cold hard cash at the end of the day :)

OpenID seems like a nice idea, but the implementation is of questionable value. What are the advantages of OpenID and is it really worth it in my scenario described above?

Answer 1:

I respect your need for a business reason to use OpenID rather than a tech-geeky reason. So here it is:

Reason #1

OpenID is way easier than username+password. "Oh no", I hear the responses now, "OpenID is confusing and scary for users. They'll run away." That's why you don't tell the user it's OpenID. Just offer Yahoo and Google buttons and say "use an account you already have" or something to that effect. Users will love you. Underneath you're using OpenID, but don't advertise the fact, and perhaps don't even offer an OpenID text field, until OpenID becomes more mainstream.

A strong majority of users are already logged into Yahoo or Google, so "Click here to log in using your Google/Yahoo account" buttons will mean it's faster and easier for your customers -> more sales.

Reason #2

Do it for your customers, even if they're not asking for OpenID. OpenID is more secure than username+password, since your customers won't be reusing the same username+password on your site as all their other sites. It's bad security to reuse username+password across web sites, but that's what users do. Using OpenID (without telling them) to get them to reuse their existing [pick your small list of major OPs here] accounts will mitigate this and give your users added security. If your site is hacked, their credentials won't be stolen. And if other sites your customers have accounts with are hacked, there's a good chance your customers' accounts with you won't be compromised.

Reason #3

Fewer support calls and web pages to support users who forgot their passwords.



Answer 2:

What I like most about OpenID is that it doesn't feel like I'm creating an account at all. It's more like I already have an account for the entire Web, and StackOverflow is taking notice of it when I log in. I'm really tired of having to create a new "identity" on every site I run across because they want to have a bigger user count.

I also like that sites that (only) use OpenID tend to make the whole account experience more flexible: no email confirmation required, no enforced-unique usernames, use of Gravatar, etc. The upside is that there is no registration; I just log in like I was already here.



Answer 3:

It seems to me it is easier and faster for the user to simply enter a username and password in a signup form they have to go through anyway.

I think, on the contrary, that often it's easier and less of a hassle if the user can log in with his existing OpenID, instead of creating separate credentials for every site. (Isn't that the main point about it?)



Answer 4:

Maybe it isn't worth the effort on the large scale (yet), but I am very reluctant when it comes to registering on the sites that do not support OpenID: coming up with yet another password, confirming email (which, sometimes, involves waiting for the email), etc. They basically lose me as a user unless I really have a good reason to register there.

But also keep in mind that OpenID is not only about single sign-on, it's the way to maintain your identity, to prove that you are who you claim to be. OpenID sign-on is great, but the ability to perform actions on the site on your own behalf (e.g. leave a comment) without registering is even more important.



Answer 5:

It's great not having to make too many user accounts all around. All those passwords.... then again, I far prefer a solution like 1Password for the Mac. OpenID is better for sites I'll return to than a separate username, though.



Answer 6:

Well the promise of OpenID is a single sign on for multiple websites. The issue is that it's still pretty obscure from a mass-market perspective. I personally would not implement it in a broad customer-facing application just yet.



Answer 7:

In my latest application I give the users a choice. I think if you do offer OpenID it should be optional and the fact that it's optional needs to be very clear to your users. I tested my signup with "average" users and they were very hesitant to sign in with their Yahoo, Facebook, Google, or what have you.

For users that do want to use OpenID, do it right. If there is additional information that your site requires and you can pull that info in along with their authentication token then do it.



Answer 8:

OpenID has been challenged because it is a new and unfamiliar concept. In many ways it should have been called "OpenPassword" because the main benefit is controlling a bunch of logins to many sites with a single password. However it is more than that because you specify one quantity and it says both who you are, and proves it.

I know some very experienced computer scientists who were completely thrown when introduced to the concept -- couldn't really see right away how it was secure like entering a password. Because it is called "OpenID" they thought it was just an unsecured name. I mention this because this challenge to understand is significant.

Facebook Connect is the exact same thing -- and it works simply because there are 1 billion people with Facebook accounts, and they tend to stay logged into Facebook all the time. What the Facebook guys did well is the user interface, and those implementing OpenID need to take a lesson from that.

The second big mistake I see developers make is thinking that because login is handled some other place, that there is no need for a user profile either. That is incorrect. Each program using OpenID still needs to take responsibility of keeping information about the user EXCEPT for password. The password is the only piece of information that the relying site does not need to keep. Again, there is that "OpenPassword" silly idea again.

I think it is a GIVEN that OpenID will be successful once (1) the general public gets used to this idea of linking a login to another site and (2) OpenID implementors get the user interface right to avoid much of the complication.
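
Added example (not part of any answer in this thread and not code from an OpenID library): a Python sketch of how a relying party could ask for name and email through the OpenID Simple Registration (SREG) extension, trust only the returned values that the provider's signature covers, and keep them in a local profile that stores no password. The `sreg` alias, the `op.example` identifier, the sample response and the `prefill_profile` store are constructed for illustration.

```python
from urllib.parse import parse_qsl

SREG_NS = "http://openid.net/extensions/sreg/1.1"
SREG_FIELDS = ("nickname", "email", "fullname", "dob", "gender",
               "postcode", "country", "language", "timezone")

def sreg_request_params(required=("email", "fullname"), optional=("postcode", "country")):
    """Extra parameters the shop adds to its OpenID 2.0 authentication request."""
    return {"openid.ns.sreg": SREG_NS,
            "openid.sreg.required": ",".join(required),
            "openid.sreg.optional": ",".join(optional)}

def signed_sreg_fields(query_string):
    """Return (claimed_id, fields), keeping only SREG values listed in openid.signed.

    Assumption: the OpenID library has already verified the assertion's
    signature, nonce and return_to; this only filters what may be trusted.
    """
    params = dict(parse_qsl(query_string, keep_blank_values=True))
    if params.get("openid.mode") != "id_res":
        raise ValueError("not a positive assertion")
    signed = set(params.get("openid.signed", "").split(","))
    if "claimed_id" not in signed or "openid.claimed_id" not in params:
        raise ValueError("claimed_id missing or not covered by the signature")
    fields = {}
    for name in SREG_FIELDS:
        if "sreg." + name in signed and "openid.sreg." + name in params:
            fields[name] = params["openid.sreg." + name]
    return params["openid.claimed_id"], fields

def prefill_profile(store, claimed_id, fields):
    """Hypothetical profile store keyed on claimed_id; it has no password entry."""
    profile = store.setdefault(claimed_id, {})
    for name, value in fields.items():
        profile.setdefault(name, value)  # prefill only, never overwrite typed data
    return profile

# Constructed response: email is signed, fullname was appended without a signature.
SAMPLE_RESPONSE = (
    "openid.mode=id_res"
    "&openid.claimed_id=https%3A%2F%2Fop.example%2Fid%2Falice"
    "&openid.signed=claimed_id%2Csreg.email"
    "&openid.sreg.email=alice%40example.com"
    "&openid.sreg.fullname=Not+Alice"
)

if __name__ == "__main__":
    store = {}
    cid, fields = signed_sreg_fields(SAMPLE_RESPONSE)
    print(cid, prefill_profile(store, cid, fields))
```

SREG carries postcode and country but no street address or payment data, so a checkout form still has to collect billing address, shipping address and card details itself.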



Answer 9:

I would agree with you that ease of use for your users is something to heavily consider. Your audience is another thing to consider. As OpenID becomes more accepted this will be less and less of an issue. If you are working on a project where you know the majority of your users will not even know what OpenID is then perhaps you should steer away from it.

Stack Overflow was my first intro into OpenID and I'm a geek.... I created the account after avoiding it for a few days and reading up on it. I finally jumped in but I would venture to say non-geek types would perhaps not. Now, I love the idea and would love to see it everywhere also.

If you can do both your own and OpenID, offer both. I think that would be the best of both worlds. You could point users to the goodness of OpenID but still let them go the other way. If you see a high adoption rate with OpenID you could eventually only offer it.



Answer 10:

Always keep things consistent. OpenID is still in infancy and non-existent to most casual users. It will confuse users who are not familiar with it and they may even end up thinking that they're opting to 'Open' their IDs to the general public.

You can optionally embed an unobtrusive link on the sign up saying "Have an Open ID?". This way, those familiar with it know to use it, and those who aren't simply ignore it.



Answer 11:

I have been finding more and more that if I'm required to pick a username, and my preferred one is already taken, I'll simply leave the site. At least one company has lost a sale this way, and I refuse to join Twitter. On the other hand, sites that use your email address as a username don't have quite the same problem. For me, it's a different problem: Which address did I give them?

The good news about OpenID is that a few major sites have found a way to make it easy for new users to figure out what's going on, by listing the icons of a few sites where they're likely to have accounts. Whether your average user will trust that method is still in question, though.



Answer 12:

I feel it depends on the end users of your system. OpenID is successful on SO because people who are using SO know something about OpenID.

But I am not sure whether the same thing will be applicable to a greeting card site / online shopping site where my parents go. The problem I see here is that if you give users a choice between various providers, they will get confused.

One way I can think of for the checkout process is not to force a user signup. If they decide to simply check out, let them do so.



Answer 13:

I'm a developer and tech-savvy person and I find it horrible to use OpenID. But that's just my opinion. In the end you have to choose what fits best with your hypothetical end user.



Answer 14:

Personally, I think the value of a well implemented 'lazy registration' concept is far more useful than OpenID itself.

I already have so many accounts online I don't mind registering on new websites, but forcing me to sign in just to see what the service is about, or to complete an order, is very annoying with or without OpenID.



Answer 15:

I ran across this discussion about what's wrong with OpenID and thought it helpful and relevant: http://www.quora.com/What-s-wrong-with-OpenID