A little while ago in a post on ebooks I mentioned that users found Athens confusing. I then had an interesting email exchange with Phil Leahy over at EduServ (who I note from linkedin owns Beeses Riverside Bar Tea Gardens which looks fantastic – good luck with that!). I promised to summarise this and have been prompted to do so by a burst of authentication related chat on Lis-e-resources this morning (and ongoing).
The first thing to say is that we concluded that it would be fairer to say Authentication is confusing rather than my original Athens is confusing. For most people Athens = authentication – certainly in their work life. It is interesting to see how the debate is happening in the broader world around “Facebook wants to be your one true login” – ie the clash between those stumbling around the online world confused and the systems the more tech savvy take for granted.
Here are a range of reasons I offered why users are confused and some of the explanatory debate that followed.
- Having to remember a username and password. Anyone who administers Athens knows this one well. We all have many things to remember and all but the frequent Athens users tend to fall foul of this. But we still need to protect access – this is an issue with the user rather than the authentication.
- Issues with registration caused by the way NHS implements Athens (examples follow). Changes were made to enhance security and to bring it in line with more common web experience. It should reduce issues with inappropriate applications (I would rather have the old simpler route and disqualify the odd rogue registration as it comes through).
- I am at work but want to register on a non NHS email address – result – I cannot complete registration till I get home – confusion
- I am at home but want to register on any email address – result – either I cannot see my work email – or the reg goes into the manual system – confusion
- I am at work and want to register on my work address – result – the confirmation link still frequently takes an hour to arrive – I no longer have the time – confusion
- I previously registered but my login expired – I reregister – I am offered my old login again – I head blithely off and try and use this with my old pasword without completing the email link registration – confusion abounds
- I have started a registration but am stuck in not clicked confirmation link limbo – I call the librarian to free me – they can only either send a new code or do an entire fresh registration – confusion
- Athens login boxes on non purchased content. We obviously need Athens to be on all the resources we might want – but the users are disappointed when the access they were excited about fails to happen. This is a particular issue for Journals that we buy through an aggregator – the user guided by Google tends to head for the publisher site. Caused by success of Athens / nature of requirement for a visible login and a user education issue.
- Users with multiple Athens IDs due to the fact that they have multiple roles. The debate on list today kicked off with a variant to this – IP authentication that then removes the option to use an alternative login that may have different content. A general issue for authentication – Pilots have been run on how to manage this.
- Convoluted login paths. As the options for authentication grow more complex so the login experience gets more confusing – see BMJ Journals as an example with several screens and options before you get in – including different flavours of Athens. Do users know what kind of Athens login they have? Design of publisher sites is out of the control and remit of authentication suppliers.
- Users think Athens = content not door key. User education required.
In the end most of the issues relate to needing to find ways to make users understand how we offer them access to paid for resources. I have kept the debate coverage to what I believe to have been the core of the issue (there were chunky emails in both directions). Any words here are my interpretation and not necessarily quite how Phil would put it. Accordingly I am to blame for any misunderstanding arising. I thank Phil for engaging positively with the debate. Authentication is a daily frustration for librarians and their users and a debate with a long way still to run.