Evaluating Clickpass

Today I’ve been researching heavily for my next project. I need to find or create a multi-network sign-in system. By that I mean I want my users to be able to login through a site they already use and love: yahoo, aim, google, facebook, and open id to start. I want something like the login system for popurls.com. Before I jumped into rolling my own solution, I took a seriously hard look at using Clickpass.com. I really have to hand it to the guys behind Clickpass. They’ve made open id easy and mass consumable. Seriously, after trying to use my yahoo open id to login to popurls (and never being able to figure out the right syntax), the thought of not having to know my open id url is a very attractive one. Imagine being able to click the little Clickpass button on a site and being instantly logged in. It’s a beautiful thing.

There are of course cons to using Clickpass. The most obvious objections usually have to with the security of having a single sign-in location, or whether Clickpass is taking your users. Peter Nixey of Clickpass wrote an absolutely brilliant Vitamin article where he tackles these issues and more. Actually, by the end of the article you realize that using Clickpass, or something like it, makes your Internet experience more secure, and helps relieve the websites incorporating it of excess spam and customer support calls.

I say “using Clickpass, or something like it”, but the truth is I haven’t seen a single sign-in solution that’s better than Clickpass, not even close. From what I can see, they’ve absolutely nailed every angle so far. Take for instance the matter of integrating your site with their service. They get out of the way. Their brand is rightfully minimized while your brand is front and center. And what I love is that they allow you to sign in to their service using your favorite Internet service (all the networks I listed above are there).

The biggest con of Clickpass is that they offer a single point of failure. If their service goes down, so does registering and logging in for the sites relying on it. Clickpass is a small outfit and an unknown quantity, not part of a notoriously reliable infrastructure (I was going to say “like Google”, but then with Gmail down just yesterday, I am somewhat reticent). You get my point though. I’d almost rather build my own basic multi-network sign in (like popurls.com, like Clickpass itself uses). This may seem like a small point, but to a developer wanting to scale well, it’s crucial.

So what if I have to do my own basic multi-network sign in? Well, it’d be nice not to have to worry about this, but I don’t think it’s too hard to do. Let’s be clear here, I’m not talking about cloning Clickpass, I’m only talking about the multi-network sign in element. I need to investigate further, but I think Google’s FriendConnect code may do some of what I want (as least the authentication part of it).

So what’s my final decision? Well, I really like Clickpass. I think that they’re really on to something big. I love how you can sign into their service from any major Internet account. I love that they make open id really, really easy. I will admit that I’d be instantly sold if 100 million people used their service because that would mean people wouldn’t even have to login to Clickpass, they’d already be using it. One click would be all they need to register for my new site. But I am nearly as instantly sold just based on their great features. I’m telling you, they’ve implemented perfectly. I’m quite amazed. And that great implementation does assuage my fears of outsourcing sign in services to a third party; they’re clearly doing everything right so far.

I’m going to do a tiny bit more research before I jump into bed with Clickpass. The first thing I want to do is check out Google’s FriendConnect. I will try and estimate how quickly I could code my own multi-network sign-in. I also want to see if I can use the Disqus comment service with Clickpass in a truly integrated way. Right now my dream situation is to be able to require that users login to my site with Clickpass and be automatically signed in with Disqus as well. I don’t want my users to login once and then have to login again with Disqus. Disqus uses Clickpass, so I’m investigating whether this tight integration is possible. Taking this one step further, Disqus itself uses Seesmic for video commenting. What if Seesmic also were authenticated by Clickpass (along with Disqus and my own site), all in one procedure. If at least the tight integration of Disqus and my site through Clickpass is possible, I’m sold on using both services (weird how that synergy is so convincing to me). I’ll get back to you.