Stack Overflow is a collaboratively edited, language-agnostic question and answer community for programmers.

 

Jeff, why did stackoverflow decide to add OpenID registration and login support?

 

Stack Overflow, much like Wikipedia, lets anyone edit anything – but unlike Wikipedia, we require users to earn a certain number of votes from other users before the system trusts them (we call this “reputation”). The concept of identity and logins is an essential part of how our site works.

 

As programmers ourselves, we appreciate how challenging it is not only to write an entire authentication system, but to support one. One small mistake and you could expose users' credentials and possibly even passwords!

 

With OpenID, we didn’t have to write any login code, nor do we have to store user passwords. And not only that, but we are no longer asking users to create yet another account on yet another website. Clearly a win-win scenario from our perspective.

 

We were encouraged to use OpenID because our audience is fairly technical, and OpenID is quite common among technical bloggers and frequent blog participants, our early adopters. Also, there’s a rich ecosystem of third party OpenID providers, not to mention Yahoo, AOL, Google, Sun, and MySpace.

 

Did your team know how you would measure success?

We didn’t have specific metrics in mind, we just knew that it would be fast and simple for our users to login using an OpenID they already had – and might already be using to post blog comments or register on other websites. So it was consistent with the overall goals for our website: simplicity and speed.

 

What results did you achieve after deploying OpenID

 

We launched our public beta in late September 2008, with one authentication method: OpenID.  Within a few weeks all of our registered site users, about 10,000 at the time, were logging in via OpenID.  By March 2009, our number of registered users had jumped to over 50,000.

 

Beyond faster login, were there other potential benefits you were anticipating?

 

OpenID Simple Registration (SREG) allows our users to pass some basic information (nickname, email address, birthday, country, etc.) at the time of registration, so they don’t have to rekey redundant data. With related “user-centric-identity” technologies like OAuth and Portable Contacts coming online, we are streamlining the process even further.

 

We decided to further simplify the login process for our users by implementing a friendly and intuitive graphical user interface. The “click the giant logo of your preferred identity provider to login” approach has great merit and has worked wonders in improving the overall user experience. It’s so simple!

Stack Overflow’s sign in page:

 

 

 

Any surprises, maybe things you didn't expect?

 

It is important to support multiple OpenID providers, or provide the ability to switch providers, on the off chance someone decides they don’t like their current provider. Frankly, some OpenID providers are better than others. We support logins from Google, Yahoo, AOL, Blogger, FlickR, myOpenID and a number of other OpenID providers.

 

What advice would you give a company implementing OpenID?

 

If you want your website to support painless, friction-free user generated content, OpenID is definitely the way to go. Users who know and understand OpenID are first movers, influencers and bloggers.

 

Here’s the question you have to ask yourself: do you really want to be yet another website offering yet another username and password to your users? Or do you want to be part of the solution?