What Do You Think about This Seamless “Registering/Login” User Experience?

60 点作者 kinderjaje超过 5 年前

26 条评论

wayneftw超过 5 年前

I find it to be intrusive and disturbing. Medium.com does this and I've always hated it.Mediums usage of it actually caused me to switch, on my work computer, from always being logged into Google, to never being logged into my Google account. Now if I have to use one of my companies apps that requires a Google login, I do it incognito.At home, I never browse while logged in, so I didn't ever notice it that much. Using my Google account for logging into a third party web application is never my first choice. I'll take separate email / passwords for everybody please and thank you.

评论 #21430960 未加载

评论 #21430908 未加载

评论 #21430914 未加载

评论 #21431275 未加载

echelon超过 5 年前

This really disturbs me. What's the security model for this?Even if the site never learns my Google identity, I hate having to close the signup window. If I misclick, they get my identity. It's so sick.

评论 #21431494 未加载

dclaw超过 5 年前

Hate it.... I do not want a site to have access to my information before I even open an account... even if that's just some anonymized ID created for the task.Ironically, you must sign in with a social media account( facebook / twitter ) or google / github to even use this site..... Single Sign On crap just leads to your whole life getting hacked if something happens. if I cannot setup an account with a unique email address and password, I will leave.

ryukafalz超过 5 年前

I've seen these before; it feels way too intrusive and out of place on the page. If I'd clicked a "sign in with Google" button, then okay fine, but a big dialog covering the corner of the page? No thanks.Checking out that page, the traditional signup button (which is what I'd use as I'd rather not use Google login) is actually under that dialog. You can't see it until you dismiss the dialog.

edoceo超过 5 年前

I see one like this on other sites - eg Instagram. Hate it.Don't assume I want to give you my identity.But! Make it super easy for me to act when I decide.These force-auth types are over-reaching and intrusive. They cause pain to the power-user and cause incidental harm to the standard-user (and maybe more)

评论 #21431498 未加载

thosakwe超过 5 年前

EDIT: I misread the OP. I was under the impression that the popup came after clicking "Log in," rather than just being immediately shown on load. Ignore my comment.Personally, I like it, and I think that from the typical user's perspective, it can probably be more convenient.At least, it's more convenient than the classical "click a login link, which takes you to another page, try to remember your password, maybe hit I forgot and have to view your email, and then hope the site takes you back to the page you were originally on" flow. A big win is not having to leave the content you're currently viewing, which is an annoyance on mobile.A lot of the comments on this thread strike me as cynical, and are dismissing the user experience aspect of something like this. Especially considering that the average user doesn't have a password manager (I could be wrong on this claim, I don't have a source ATM).EDIT: I should clarify that I'm talking about the "quick sign in" pattern in general, not necessarily about any specific auth provider.P.S. If you're trying to produce a similar flow on your site, the Credential Manager API (navigator.credentials) allows you save user credentials locally, so when they visit your site, their browser can automatically sign them in.

Jonnax超过 5 年前

I don't like it. I makes me feel that a miss-tap will cause me to send my details to a site

评论 #21431898 未加载

friedman23超过 5 年前

Given that this is a website for medical use, I'm surprised they are allowing account creation with google oauth. I'm 95% sure it's not HIPAA compliant.

评论 #21430874 未加载

评论 #21431330 未加载

tus88超过 5 年前

How about: forgot what email I used for a particular website, so try and login (not register!) with one of them...oops it was the wrong one but I now have an account apparently along with welcome emails to match. I am very caution about putting an email into any login form without double checking it is the right one.

评论 #21432065 未加载

Rainymood超过 5 年前

My prediction: People on HN will hate it, the general public loves it.

kipdotcom超过 5 年前

A big no no for me. Seen a couple of sites and never tried clicking. I'd rather use the 'sign in with google' button where I get to confirm rather this privacy insensitive method.

11235813213455超过 5 年前

It's probably using google oauth SDK <a href="https://developers.google.com/identity/protocols/OAuth2UserAgent#example" rel="nofollow">https://developers.google.com/identity/protocols/OAuth2UserA...</a> (there's no popup raised if you're already signed in google). You can then send and validate the token on server-side, and create an account there

buboard超过 5 年前

i find this creepy. "why does this website know my name"

lubujackson超过 5 年前

I saw this on Zillow and I tracked it down to <a href="https://github.com/openid/OpenYOLO-Web" rel="nofollow">https://github.com/openid/OpenYOLO-Web</a> or some similar implementation of that protocol. I haven't looked into it yet but I've been intending to figure out how it works and I was surprised I haven't read about it yet anywhere.

评论 #21431307 未加载

nguyenkims超过 5 年前

This button allows Google to know the fact that I'm currently on this specific website. If more and more websites implement this button, Google will have access to my complete browsing history!IMO a website must ask for a permission before displaying this button.Facebook also has a similar button ("Continue with {my_name}") that use the same iframe method.

评论 #21432668 未加载

chii超过 5 年前

hhm, how did they do that? I thought the google oauth flow required that it redirect to a google page (and show the info/permission the oauth flow is asking for).Unless there's a security leak somewhere in cookies, which exposed your email address to this site (which doesn't belong to google i presume).

评论 #21430988 未加载

appleshore超过 5 年前

The first time this happened to me, I instinctively clicked to login thinking Chrome was trying to log me into Gmail or my Google Account. I didn’t realize I was giving info to some random site, I was just trying to swat away a popup.

gothroach超过 5 年前

Seeing this on a site would instantly remove any desire I had to make an account.

avip超过 5 年前

Something marginally less seamless: try to sign-in to google play console with a user that is not the one currently "syncing" in chrome.

jcmontx超过 5 年前

Well, as a user I love it.In the other hand, as a conscious consumer, I absolutely hate giving even more information to Google.It would be cool to have an open source, non-profit organization to work as an universally accepted authentication provider platform. One can always dream.

roobs超过 5 年前

It’s insecure too :)<a href="https://blog.innerht.ml/google-yolo/" rel="nofollow">https://blog.innerht.ml/google-yolo/</a>

xg15超过 5 年前

Creating a persistent public online identity on an untrusted service at the click of a misleading button? What could possibly go wrong?

beders超过 5 年前

gee, it is 2019 and we still haven't solved registration/sign in ;)

Animats超过 5 年前

It's a suction pump for the onboarding funnel. It is not your friend.

Ice_cream_suit超过 5 年前

This is world wide surveillance gone mad.I try to avoid using creepy websites like this.

zemnmez超过 5 年前

interesting ... I wonder how this is secured from attacks from the website itself redressing it and/or clickjacking attacks