1. Click on the slide numbers or use the arrow keys to navigate:
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. close

Account Chooser

An open standard and user interface guidelines for the next generation of web sign in.

See a slideshow

sign in

Simple Upgrade

If a user has been logging into a website for a long time with a password, then the account chooser experience makes it easy for the website to upgrade them to use an identity provider. After the website upgrades their login flow to use an account chooser, the user will either click a button or type their email address. The user can then be redirected to an identity provider, and give their consent to be identified to the website. Learn more

Eases switching between multiple accounts.

Many computers are shared by multiple people who each have their own accounts. Many more are used to access multiple accounts used by the same person such as their personal and work accounts. It is frustrating for end users to log into a traditional website where multiple accounts on the same computer are used. However if the website deploys an account chooser, then the process is much simpler. The website can make it even more simpler by providing a navigation bar or button to let the user switch accounts. Learn more

Reduces signup pains on any website.

By deploying an account chooser on your website you should expect to increase sign up and log in rates on your websites, as well as reduce costs from hijacked accounts and users who have trouble logging into their account. Learn more

Security

The use of identity providers not only makes it easier for people to use websites, but also makes their accounts more secure. With traditional websites, people tend to reuse password across sites. If hackers are able to compromise even a single website, they can then use that password to break into the person’s accounts on other websites. Unless a user’s password is extremely complex, there are unfortunately very simple techniques, such as dictionary attacks, that hackers can use to identity a person’s password on almost any small to medium website. Fortunately identity providers can be certified to confirm they offer protection against those types of techniques. Learn more

Consistency

Websites can deploy the account chooser in a very visually consistent manner. One a user has used this technique on one website, they will be able to easily recognize and use it on another website. That visual recognition generally causes an increase in the set of users who are willing to log into a website they have never visited before. Learn more

Forgotten Accounts

One common problem end users encounter is when they visit a website and do not remember that they already have an account. Generally they would try to go to the account creation step, and they would get an error about their existing account. With the account chooser, this problem goes away. They will either type their email or choose their identity provider. In either case the website can then immediately log them in if they have an identity provider, or ask for their password if they don’t. Learn more

Future Compatibility

Today there are a few identity providers, but in the future we expect many more. A website could simply add buttons to its login box for 3-4 identity providers, but they could not add more without visually overwhelming users. The account chooser experience splits the process of adding an account from the process of signing into an account. When the website shows a page to add an account, it can generally show 3-4 identity providers. That list can be modified over time, and can even be varied based on information like the user’s location and preferred language. Learn more

Legacy Compatibility

Most websites today offer a traditional login box with fields for a user’s email address and password. The website could offer support for identity providers by simply adding buttons around the existing login box. However that generally creates significant confusion for users because they think there are two ways to login, and they don’t know which one is the correct method to use. This problem is greatly reduced by splitting the process of adding an account from the process of signing into an account. It also avoids showing the password field to any users except those who absolutely need to use a password. Learn more

Protocol Agnostic

There are many technical protocols support by identity providers (OpenID v2, SAML, OAuth2, OpenIDConnect, etc.) The Account Chooser is not specific to the protocol, and the website can even use different protocols to support different identity providers. As protocols evolve in the future, the website can continue to use the Account Chooser experience to hide the protocol details from the user. Learn more