Are standalone user/password systems so hard to add and get right? (I'm serious about this; it seems like a solved problem, yet there also seems to be a number of sites that punt on that, and want me to couple their site with my account on some other site, which I really do not want to do as a default.)
Maybe people need throwaway Twitter accounts, like there is for E-mail.
We're dependent on Twitter for two reasons. Firstly, people who go to conferences (at least web/tech conferences) tweet a lot, and a big part of what we're planning in the future involves capturing tweets made throughout and event and making them easier to browse / filter through. Sign in with Twitter, say you're attending X and we can capture your tweets from the start to the finish of the event.
More importantly though, many speakers have Twitter accounts - which means we can create speaker profiles for people who have never signed in to the site. When we went live, we had close to a 1,000 profiles in our database - many of them people with thousands of followers. If /any/ of their followers signed in they would see that person's speaking appearance. It neatly solved the bootstrapping problem for us and meant that most of our first wave of users got at least a few recommendations.
I'm a big advocate of OpenID (see http://lanyrd.com/search/?q=openid&people=simonw ) so launching something that depends on one identity provider goes against my own principles to a certain extent, but the enormous benefits we got from bootstrapping off the Twitter ecosystem (and the reduced effort in engineering compared to trying to integrate with a bunch of other providers as well) was a worthwhile trade-off.
What bothers you about using your Twitter or Facebook account? Just wondering, since I've considered relying only on Facebook Connect/Twitter for projects in the future.
Facebook squicks me, and I just don't "get" twitter. I think I have a facebook account lying around somewhere, created to look at someone's facebook content, once, but I'd have to dig it up. I admit I'm extremely eccentric in this respect, though.
Matters of trust and privacy. I want to be able to change/cancel services without wondering if there's some forgotten dependency.
Often I try something out first to see if it's worth the trouble. I don't want to give out some other account info for something I may not even be bothered using.
I can see offering, as an option, the use of twitter/facebook/gmail whatever, but not to the exclusion of a standalone account. Especially since, as you say, it's easy to add.
Gotcha. You do know that with Twitter, you can go in and specifically revoke an app's access to your account?
> Often I try something out first to see if it's worth the trouble.
It's really interesting that we use the same logic to justify totally different outcomes.
> but not to the exclusion of a standalone account.
To provide some context, I'd like to keep things as simple as possible, in general. Even with technical people, it's easy to get confused with multiple login options. Every time I go to Quora, something in my brain remembers that I used Facebook to sign up, so I click that button on the home page, and get a message about how I'm already signed up, I need to actually log in with my email/password via the other form. Every time.
"You do know that with Twitter, you can go in and specifically revoke an app's access to your account?"
Yes, I do. Do I do that after app has done something stupid under my account?
The bigger point for me is this:
Suppose I decide I just don't care anymore for Twitter (or, much more likely, Facebook) and kill my account. Later , I realize I can't sign on to SomeApp.com because I forgot I had it hooked to the service I just dropped.
I prefer apps that let me use them with no user account, offer more services if I provide a verified E-mail address, and offer even more if I opt in to sharing my Twitter/Facebook/whatever info.
If a site is giving people too much to think about when signing in it's just lazy UX design.
It's crazy; just about every web application in existence requires a login and this still isn't a solved problem. I wonder why Clickpass hasn't gotten more traction.
Although, I suppose that's indicative of part of Clickpass' adoption problem - their functionality is pretty prominent right on the HN login / signup page and many people here still don't know who they are.
Are standalone user/password systems so hard to add and get right? (I'm serious about this; it seems like a solved problem, yet there also seems to be a number of sites that punt on that, and want me to couple their site with my account on some other site, which I really do not want to do as a default.)
Maybe people need throwaway Twitter accounts, like there is for E-mail.