Jon Phipps's Library tagged authentication →  View Popular

Federated
Login has been a "holy grail" in the identity
community for a long time.  We have known how to do the technical part
for a long time.  However
the industry has constantly tried, and failed, to find a model that was
(1) simple for end users, and (2) had a reasonable trust model between the RP
(the relying party, which is the site you want to log into) and the IDP
(the identity provider, who will identify you to the RP).  Google has
been experimenting with different user interface models for federated
login using the following design principles:

• Design for usability
• Leverage what users already know - In particular, leverage the login models with which end-users have experience
• Design for widespread adoption -  Don't just focus on a small number of IDPs, or just on technically savvy end-users
  
• Allow
  for gradual migration - In particular, make it work for sites that
  already have a large set of user accounts who are authenticated without
  using a federation scheme
  
One user interface ("UI") model we have been
testing has been working surprisingly well.  At this time, we want to share the
details to gather comments.  We also want to look for websites who could
help run experiments on this UI design to generate metrics on how well
it works.

You build great web applications. We have millions of users
who store their data on Yahoo!. Browser-Based Authentication (BBAuth) makes
it possible for your applications to use that data (with their
permission).

BBAuth also offers a Single Sign-On (SSO) facility so that
existing Yahoo! users can use your services without having to complete
yet another registration process.