Inhouse registration vs. OpenID vs. Google Friend Connect vs. Facebook Connect vs. (etc)

Question

I'm trying to decide how to allow users to register for my website... there's openID, clickpass, facebook connect, google friend connect, etc, or the good old fashioned in-house "enter a username, email, password, etc."

Looking briefly at How to set-up OpenID it seems like a lot of work to get openID working.

Does anyone have experience setting up a site for OpenID (or the others)? Also, does anyone know if these methods have a higher turnover rate of registration than the classic "inhouse" registration? For example.. if you allow both the in-house registration and openID, what percentage of your users are using OpenID?

As always, thanks for your input SO.

Answer 1

It really depends on the type of site and who your users are.

We looked at the possibility of using OpenID for our e-commerce store (we sell apparel), and the conclusion was that we would be flat out nuts to implement it. I'm not the smartest software developer in the world by any means, but if I could barely wrap my mind around it enough just to get an account for StackOverflow (Why do I have to go to some third party provider? Why should I trust them? What happens to my account if they go under? As a business, what do I do if a customer asks me to reset their password?), then it's not just anecdotal to say that our customers would have problems with it. In addition, for any e-commerce business, it's usually unwise to take on a third-party dependency unless carefully considered, and especially for something as critical as logging in. If a major OpenID provider were to go down, you'd be losing sales. If we implemented OpenID, it would definitely be an alternative, red-headed step child implementation when compared to the native sign in mechanism.

Even with our in-house registration of e-mail addresses and passwords, we had to use an Amazon.com style login form because users kept filling out the "new customer" form even when they already had an account:

Login screen. Amazon's sign-in screen remains a model to be emulated, minimizing the common problem of new customers who try to log in without having registered. Amazon presents two questions in linear order: (1) "What is your email address?" and (2) "Do you have an Amazon.com password?" For the second question, users can select one of two radio buttons: "No, I am a new customer," or "Yes, I have a password." Many other sites present the new- and established-user sections side-by-side, and thereby divert new users to the established-user section through the magnetic attraction of type-in fields. -- Jakob Niesen, useit.com

When users have trouble navigating two fields and a radio button, you can imagine the hilarity that ensues when they are presented with multiple authentication mechanisms.

If you're implementing a social-oriented Web site that is designed to integrate with Facebook or some of the Web-2.0-savvy consumers, then these alternative authentication mechanisms may make sense. Until the dust settles on OpenID, though, I wouldn't add it to a commercial site: nobody has asked for it. They have asked for PayPal and Google Checkout, which we implemented, but there's only a small amount of overlap there.

My general recommendation would be to have the usual in house username and password mechanism that can be supplemented by these alternative identification mechanisms. But realize that each alternative identification mechanism runs the risk of customer confusion and increased customer support.

Just my two cents; hope that helps.