Ben Ward's Scattered Mind

1 Notes

Maybe the effort we go to as we think about the OAuth and OpenID flows and how to balance user experience verses phishing protection is in vain. Facebook has rolled out an identity system — Facebook Connect — with a slick UI that trains a gazillion tech-naïve users to slap their identity credentials into any old website. I don’t know what to do. Honestly, what the fuck?

Maybe the effort we go to as we think about the OAuth and OpenID flows and how to balance user experience verses phishing protection is in vain.

Facebook has rolled out an identity system — Facebook Connect — with a slick UI that trains a gazillion tech-naïve users to slap their identity credentials into any old website. I don’t know what to do.

Honestly, what the fuck?

Filed in facebook identity phishing

  1. benw posted this