1
Vote

Problem with OpenID / LiveID and Verified User Registration

description

As reported in the forum: http://www.dotnetnuke.com/Community/Forums/tabid/795/forumid/89/threadid/353675/scope/posts/Default.aspx
And also in Gemini: http://support.dotnetnuke.com/issue/ViewIssue.aspx?id=11751&PROJID=2
 
When I log in with either OpenID or LiveID and create a new user account (instead of connecting with an existing one), I stay on the same page and receive the confirmation message via mail. When I click that message, I get to the login screen - and would need to enter a password to "properly activate" my account.
 
For OpenID and LiveID, the verification doesn't really make sense as we can safely assume that users logging through OpenID or LiveID already have verified accounts. Furthermore, the functionality is actually broken because the user receives a message and is asked to enter a password he doesn't have. Even worse: This could look like a phishing attack to some as users may feel they'd have to enter their OpenID/LiveID password.
 
I do need verified user registration for users that directly register with the portal - but obviously, verification is quite misplaced when users are logging in through OpenID and LiveID.

comments