Tags: login

14

sparkline

Let’s talk about usernames

This post goes into specifics on Django, but the broader points apply no matter what your tech stack. I’m relieved to find out that The Session is using the tripartite identity pattern (although Huffduffer, alas, isn’t):

What we really want in terms of identifying users is some combination of:

  1. System-level identifier, suitable for use as a target of foreign keys in our database
  2. Login identifier, suitable for use in performing a credential check
  3. Public identity, suitable for displaying to other users

Many systems ask the username to fulfill all three of these roles, which is probably wrong.

Your Social Media Fingerprint

Clever! By exploiting the redirect pattern that most social networks use for logging in, and assuming that site’s favicon isn’t stored in a CDN, it’s possible to figure out whether someone is logged into that site.

LukeW | Showing Passwords on Log-In Screens

Luke continues to tilt against the windmills of the security theatre inertia that still has us hiding passwords by default. As ever, he’s got the data to back up his findings.

IndieAuth now supports OpenID delegation! - Aaron Parecki

It’s sad to see MyOpenID shut down, but now I can simply use IndieAuth instead …which means my delegate URL is simply adactio.com: magic!

Social Login Buttons Aren’t Worth It | MailChimp Email Marketing Blog

A great in-depth explanation by Aarron on why Mailchimp dropped their Facebook and Twitter log-in options. Partly it was the NASCAR problem, but the data (provided by user testing with Silverback) also brought up some interesting issues.

NoPassword

I like this passwordless log in pattern but only for specific use cases: when you know that the user has access to email, and when you don’t expect repeat “snacking” visits throughout the day.

Aza’s Thoughts » Identity in the Browser (Firefox)

Aza Raskin share's some mockups of ideas for incorporating identity management into the browser.

Log in or sign up? - Leah Culver's Blog

Leah has some great ideas on combing "log in" and "sign up" forms into one.

Chroma-Hash Demo

Another interesting take on assigning a visual clue to password fields.

Quantum Random Bit Generator Service

There's no such thing as a good CAPTCHA but if there were, these would be ...Best. CAPTCHAs. Ever!

iphone login screens - a set on Flickr

Screenshots of various log in screens on the iPhone. I think Cindy has been hanging out with Luke W.

iphone login screens

OpenID for Google Accounts

Every Google account can now be an OpenID login thanks to this app built with the Google App Engine.

Yahoo!, Flickr, OpenID and Identity Projection

Looks like Flickr has some interesting plans around OpenID. Our reporter Simon Willison is on the scene.

Sign up, get your free BragBucks and start betting in less than a minute on bragster.com

Another sign up form that features hCard input (like Satisfaction). Choose a service (e.g. Flickr, Last.fm, Twitter) or enter your own URL.