OpenID Sign In/Up Processes on OpenID supported sites

Most sites today distinguish between the process of Signing Up – the user wants to register to the site/service and does not have a previous account (or wishes to create another account), and the process of Signing In – the user wishes to identify himself/herself with an already existing account on the site/service.

Whenever I reach a site that support OpenID I always try to see what is the process of sign-in/up with OpenID to the site/service.

I keep on seeing two distinct ways that are common in such sites/services (at least in the sites that I’ve visited).

The first, is to separate the OpenID handling to a different page. In that page the process of sign-in/up is actually the same. If this is your first time of signing in with your OpenID it will actually transform itself to a sign-up process and may ask you a couple of questions and may interact with your OpenID provider.

The second, OpenID is integrated only in the Sign-In screen. If you sign in with an OpenID for the first time you will actually get a sign-up process and you may be asked a few questions and have an interaction with your OpenID provider.

OpenID is still a bit confusing to most people and when sites/services that do decide on doing the right thing and support OpenID, sometimes, add additional complexity with either hiding the OpenID sign-in/up location or not showing it in the right places that users may go to since they are already familiar with the Sign In/Up paradigm.

I know that some of the considerations for some of these sites/services is to have OpenID support for those who actually knows about it and uses it, which they know they will search and find it eventually. On the other hand, they don’t want to scare off normal users that don’t know (yet, hopefully) or care about OpenID with this technical mambo-jambo.

The best place, of course, is to have OpenID in both the Sign-In and Up screens, if a user that do have an OpenID reaches any one of these screen the scenario of signing in for the first time (or not for the first time) will work no matter when he is. It can also be a separate screen but accessible from the sign-in and up screens and clearly indicated that if you have an OpenID account go here (with explanation of what is OpenID, of course).

I still think that we can find a balance between these considerations and still have a clean use-case of signing in and up with and without OpenID without breaking existing paradigms.

What do you think? How would use design these processes that will still fit to your site/service and still support in a clear and obvious way OpenID?

Identity and Identity Relationships

I just read this post by Kaliya and it got me thinking about Identity relationships.

I think Kaliya is right that the connection between identity and relationships between identities (a.k.a. Social Networks) is a hot topic which will probably get some answers in 2007 (hopefully even good ones).

What if we could have relationships between identities (between OpenID identities, for example)?

We could store them as part of our identity (I’m sure we can think of a creative use of XFN and identities like OpenID since it is also a distributed way of showing relationships between people) and “take our friends with us” to other sites that we sign up, eliminating the need to manually re-enter and “drag” our friends to every hot new social networking site.

Of course, we don’t want to add all of our friends to every social network site we sign up to, so we should be able to choose which ones we will “import”, the same way we can choose which fields of our persona that our OpenID server shares with the site we are registering to.

The major question here is if specifications such as OpenID should contain relationships between identities. Should it be an integral part of OpenID, should it be an extension of it?

I don’t really know yet. I guess I should dig deeper into the OpenID specifications and see if there is room for such a thing and if there are further discussions that are leaning towards such an approach.

I guess time will tell, hopefully circa 2007…

Completely removing ZoneAlarm

I use ZoneAlarm Security Suite on my laptop (yes, it’s running Windows…) since its a cheap and nice complete suite that has a firewall, an anti-virus and anti-spyware software plus a lot of other stuff I rarely use (IM Security and the likes).

I have it for about a year and a couple of months and I saw in the support forums that there is a beta release of version 7.0.

Since I have a couple of standing issues with ZoneAlarm Security Suite, mainly its pro-active anti virus that keeps on hogging the machine at boot time and another problem with Cygwin (it’s a known issue) I thought I’d give it a try.

It worked relatively well, but it had more than a few major issues (one of which is that it started to say the beta has expired – also a known issue). I’ve decided to go back to my 6.5.x version.

At this point I started to really get pissed off. It seems that a normal uninstall of ZoneAlarm Security Suite will not uninstall the license and since the beta require a special beta license my 6.5.x version didn’t work and said it has expired and wouldn’t let me put my previous valid serial number.

After digging in the forums a bit more it seems there is a secret key for doing that just.
If you add two parameters to the uninstall executable it will clear the license information. Just run this from the command line or “Start -> Run” (don’t forget to change that path if you installed it to a different location):

“C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe” /clean /rmlicense

That is the magic line that will fix all of your problems.

Now I know they don’t want people partying on their 15-days evaluation of the full Security Suite but there is no reason that I will have to dig to find out how to cleanly uninstall it. What about other people who are less technology oriented than me?

I would expect, like in any uninstall program, that the nice people at ZoneLabs will not leave any trace of there program including my license information.

Don’t leave crap on my machine if it’s not really necessary.

Recursive Definitions

If you have a cool new startup that is going to launch and all you have to say about it to better describe it is “It’s Flickr+YouTube+Riya+[Enter a cool new startup with cool technology or hype here]” something is wrong with your pitch.

If you can’t describe your startup in layman’s terms without using the name of your competitors (or, in this case, the war casualties after you kill them all and win the internet web 2.0 war) you should really start to think twice about what you are actually doing.

I keep on seeing a lot of pitches on the web in the form of cover stories on high profile blogs that companies CEOs and founders keep on using some kind of a recursive definition – defining their own company by using the name of another company (or companies).

This recursiveness needs to stop otherwise there will be only one true definition for a company and everyone else will build their pitch on that definition and the definitions that are built upon it.

I know it is sometimes very hard to describe a cool new idea, especially if it is technically oriented and you need to explain it to a non-techie person.

Being able to actually do that will give you a couple of interesting things.
First, it will allow you to better articulate yourself for non-techies, potentially (depending on your idea) drawing them closer to the understanding you have of your ideas. This is good for startups that are web based and needs non-techie crowds to succeed.

Second, it will give you a better understanding of how you need to your idea. Every question or misunderstand a non-techie will have with your description is a potential for better understanding your audience and, therefore, improving your idea/company/product.

What do you think? Is it really that important or I just got pissed on seeing yet another pitch that is recursively described?