Yahoo! Releases OpenID Research

I'm happy to announce that Yahoo! is releasing the results of a usability study that we did for OpenID. Our test subjects were several experienced Yahoo! users (representative of our mainstream audience) who were observed as they tried to sign into a product review site using the Yahoo OpenID service.

First, the good news. After the users completed their tests, we explained OpenID to them, and they all recognized the value of being able to easily sign into a new site without having to create a new ID and password. They also appreciated the potential of using their Yahoo OpenIDs to automatically verify their Yahoo email address without having to do manual email verification.

Now the bad news. None of the users had heard of OpenID before, and none of them even noticed the OpenID sign-in box displayed below the traditional email/password login form on the site. In many cases, the test subjects entered their Yahoo email address and Yahoo password to try to log in. We had told the test subjects that they could sign into the site using their Yahoo! account without having to register. (See Page 5 of the study.)

Eventually, we coached the test subjects to use the site's OpenID Selector, and they still had some problems with the selector's Yahoo! option. In most cases, the users were confused by the "" autofilled in the OpenID sign-in box, and continued to look for for a form in which to enter their Yahoo ID and password. (See pages 7 and 8 of the study.)

After a bit more coaching, the users managed to get to the Yahoo! OP where a lot of them got lost. (OP is jargon for an openID provider.) First time Yahoo OpenID users must navigate through a few screens, where they have to solve a CAPTCHA, and agree to a TOS. They are given opportunities to learn more about OpenID, set up a custom OpenID identifier, set up an anti-phishing sign-in seal for their Yahoo login screen, or view a directory of OpenID RPs. ((RP is jargon for relying party.) In many cases, users were overwhelmed by all these options, and failed to return to the RP because they were sidetracked. (See pages 10-14 of the study.)

Finally, after a little more coaching, the test subjects returned to the product review site, where they were presented with a registration form to set up a profile. Obviously, it would have been more satisfying if the user was able to go directly to their intended destination. (See page 15.)

As a followup, we asked the test subjects to pretend that some time had passed and they were to revisit the site and sign in again. In many cases, they tried to sign in by typing in their Yahoo! email address and password into the login form. (See page 17.)

Observing these tests was more than a bit frustrating for the Yahoo! OpenID team, and the test subjects may have been distracted by the sounds of the groans and head-pounding coming from the other side of the one-way mirror. Certainly there is a lot of work to be done on the OpenID UX (user experience) front.

On the Yahoo! side of things, we streamlined our OP last week, and removed as much as we could. We removed the CAPTCHA and slimmed down the OP to just a single screen, and focused the UI to get the user back to the RP. We expect that RPs will enjoy a much higher success rate for users signing in with their Yahoo OpenID.

On the RP side of things, our recommendation is that they emphasize to users that they can sign in with an existing account, specifically their YahooID. We believe that the YahooID, as well has IDs from other providers, have a higher brand awareness than OpenID. We also believe that first time users signing in with an OpenID should be able to go directly to their intended destination after signing in, instead of having to complete additional registration. Hopefully, as SimpleReg/AttributeExchange are more widely supported (Yahoo does not currently support them), relying parties will no longer feel the need to force the user through an additional registration form after signing in with an OpenID.

I'll be happy to discuss the findings of our first UX study, as well as suggestions for improving the entire end-to-end OpenID UX.

Allen Tom
Architect, Yahoo! Membership