Simple Steps

Create a single Top Right 'Login' link

A consistent best practice approach to positioning and describing login is the simplest change you can make and it's also one of the most effective ways of helping users.

When offering multiple forms of login it is tempting to place multiple option links on your homepage. It is extremely difficult to describe each type of login link you wish to use, and different sites will use different descriptions. This lack of consistency is very confusing for users and leads to failed login attempts.

NISO ESPRESSO recommends that the first step you need to take to improve the login experience is to have a single link, labeled 'login' positioned consistently in the top right hand corner of your site. Your web design department will need to be involved in this decision and further information is available in the full report.

To see this in action, view our Good Practice Demo

Decide how to manage Local Login

Presenting your own local login alongside other federated options in a clear, simple listing allows users to understand the options available to them. Adding logos or branded buttons makes it even easier for them to quickly recognise the option that suits them best.

Most services want to use their own local login process as well as federated options. The second step is to manage this effectively by presenting your local login option alongside the other federated routes, providing a side by side or single list of choices for the user to select from (the NISO ESPRESSO report cites JSTOR as an example). Use of logos or branded buttons can help to make this more user friendly as the options are instantly recognisable.

The choice of how best to represent this list of options is a design decision. It is recommended that you take time to look at other services to see how they present login options to their users, as a common and familiar approach is usually the most user friendly.

The alternative approach of offering local login as a separate option on the home page has been proved to confuse users who do not understand the differences between local and federated options. At worst, users may enter their Google or Facebook details into your login box which means you could be accused of phishing as well as leading to failed logins.

Install Identity Discovery Software

There are a variety of products that allow users to select their preferred login option: the NISO ESPRESSO report provides advice on the key features you need to provide a good service.

The third step is for your technical team to install identity discovery software. This allows users to effectively select their external login mechanism. There are a variety of products available that allow you to integrate both OAuth and SAML approaches to external login.

NISO ESPRESSO recommends that the software you use should have the following features:

• Is easy to implement, ideally in the form of a small amount of javascript to add to your current look and feel.
• Has a 'type ahead' search box that narrows the list of organisations shown.
• Allows the use of logos to help guide users to the right login options.
• Remembers the previous selection or selections made by users.
• Allows you to promote certain organisations as appropriate to the top of a list to help guide users.

If you are offering services to academic institutions, it is likely that they will be using SAML. NISO ESPRESSO recommends that you use either the Shibboleth EDS software to support external login for these customers. Both of these products offer the benefits described above.

If you wish to use a commercical identity service such as Google, Facebook or Twitter, it is likely they will be using OAuth. All of these providers offer advice on how to include their login button on your site.

For more information we recommend that you visit: