How can we improve Checkvist?

OAuth/single sign on support

54 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Kirill MaximovAdminKirill Maximov (Admin, Checkvist) shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    5 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Mantas ZimnickasMantas Zimnickas commented  ·   ·  Flag as inappropriate

        With OAuth you have to support each authentication provider separatly, with OpenID, one implementation supports all priveders at once.

        Personally, I use OpenID, and love sites, that supports it. Google/Facebook OAuth is miportand, but OpenID will not hurth also. I never use Facebook OAuth, because most sites abuse it for social marketing.

        Here are some examples that support both:

        https://stackoverflow.com/users/login
        https://bitbucket.org/account/signin/

      • vladimir.dyuzhevvladimir.dyuzhev commented  ·   ·  Flag as inappropriate

        As someone who was investigated/implemented community logins for a client, I have to say the following:

        1. Community logins are in fact VERY useful to increase sign-up rate. 3x time for my client comparing to email/password
        2. OpenID lost its traction due to (my opinion) incomplete functionality in the getting user information area (for instance, there are at least two extensions to get full name and email, and neither work reliably). Microsoft for instance dropped their OpenID service.
        3. The winner is apparently OAuth. While in its default implementation it cannot provide user information, every provider offers a protected resource (URL) that gives the information to the caller. Downside is that every provider has a different URL and different format of user data on that URL, but it compensates by the sheer number of providers: Google, Live!, Yahoo!, Facebook, LinkedIn, ... first few probably cover some 99% of Internet users.
        4. There is a concern that users would get confused what identity they had used with the service before. Practice shows that it is not a case: regular users have one primary account (e.g. Google or Facebook) and use it everywhere. Tech-savvy users who have multiple accounts do remember which one they use where (or re-login).
        5. Another concern is the external provided availability. Well, the availability of Google or Facebook is at 5 9's, I believe. Would be hard to expect any influence to availability of Checkvist.
        6. Re: external services such as RPXNow. Doesn't worth it anymore. OAuth libraries are plenty and matured. RPXNow provides some other services, such as "social analytic", but it may be of lesser value for Checkvist.

      Feedback and Knowledge Base