The future of OpenID on the Archive of Our Own
Published: 2011-05-01 12:20:15 -0400
In common with most sites out there, we were keen to offer an OpenID login option when we started out, to ease the burden of juggling yet another username and password. Unfortunately, also in common with other sites, we found that OpenID created as many problems as it solved. We regularly receive Support requests from users who can't log in because of some problem with their OpenID provider, or because their provider has changed their authentication code unexpectedly. We've also had ongoing problems persuading OpenID logins to persist (the 'Remember Me' option often doesn't), as well as a lot of confusion from users about exactly what an OpenID account on the Archive actually was.
Not many of our users are taking advantage of the OpenId option: out of 16,119 users, only 383 have an OpenID set. Of those, only 73 use OpenID as their sole login option (the rest have a password as well). Despite the small number of users involved, OpenID issues are one of our most regular types of Support request! We feel that the amount of work involved in keeping our code functioning with OpenID and in supporting users with it outweighs the amount of added value it brings to our users, and we're strongly considering phasing out OpenID logins for accounts altogether. (This is in line with other sites such as 37 Signals.) If you have concerns or questions about this, then please do comment to this post.
If you're currently using OpenID and you want to switch to using a password login, just select the 'Forgot password' option. This will send out a temporary password - log in with your user name and this password, and you can set a permanent password.
One reason so few users have OpenID logins for the site is that the way our accounts work mean it's only really a password replacement (you still have to give us an email address and a user name, and we can't really offer the kind of OpenID features adopted by sites such as Dreamwidth). So, OpenID accounts aren't offering anything super useful compared to regular accounts. However, we do like the idea of offering more flexible ways to use the Archive, and retiring OpenID account logins doesn't mean we've abandoned this aim.
One area where more flexible authentification options would be useful is comments. We know that some people don't have much use for the features of an Archive account, but do want to use the Archive for reading and commenting. We think it would be very handy for them to be able to leave comments without creating an account or leaving a name and email. So, we're currently looking into the omniauth plugin, which would allow people to sign in via other sites such as Twitter, Foursquare, Google apps, etc in order to leave comments. This isn't a change we'll make immediately - we want to do some more research into different options and the privacy implications first - but we think something like this would offer our users more flexibility going forward.
As always, we welcome feedback from users about features you would like to see on the Archive! Feel free to comment on this post or get in touch via our Support and Feedback form to let us know what you think!