Re: Prompting for passwords on the desktop?

["Bryan Clark" <clarkbw gmail com>]

In terms of User Experience I've grown to love the mac style sheet dialog [1] for password prompts.  It's not often that I'll recommend a dialog, or a modal dialog for user interactions.  However sheets seem to have most of the properties you want when a password is required from an application. 

If an application requires a password it's one of the few times an application absolutely cannot continue; however it can be problematic, if not dangerous, if that password dialog is floating around away from the application that requires it.  Sheets keep the dialog pinned to the parent application that called them and so increases a persons awareness of what is requiring a password.

Of course there are other issues in OS environment that means you need more than a sheet dialog.  For example notification icons could require a password.  I think it would make sense to look into designing "notification sheets" for this problem.  It still strikes me as weird when I logging into my Desktop that "something" requires my keyring password, that "something" being NetworkManager,

I don't really think the darkening of the screen dialog modality is really a good path towards a usability / security balance.  If anything this takes away from your ability to understand what is requiring a password.  The windows Vista UAC dialogs are great examples of how the application information needs to be duplicated by showing it's name and icon inside the dialog because the person can't see the application that called the dialog.

I'm sure that answer isn't too helpful as I'm aware we don't currently have sheets, but you know how we designers love to ask for the moon. :)

~ Bryan

[1] http://en.wikipedia.org/wiki/Sheet_dialog_box

On Mon, Sep 22, 2008 at 12:03 PM, Brian Cameron <Brian Cameron sun com> wrote:

Note that the Windows solution to use Ctrl+Alt+Del as a Secure Attention
Key is just one way to implement Trusted Path.  There is no reason that
the GNOME or UNIX community couldn't come up with a different and novel
way to meet the same requirements.  The Secure Attention Key should be
viewed as just an example of how Trusted Path requirements can be solved
and the solution as used by Windows (along with Kerberos).

Debating about whether we should use the same sort of solution, or a
different solution makes for good discussion, but I don't think it
makes sense to suggest that just because this particular solution has
usability issues means that Trusted Path requirements are somehow
invalid or inappropriate for UNIX environments.

Even though some might suggest that security is "good enough" on
Linux without meeting these requirements, it still is a good idea to
consider how to make GNOME and UNIX more secure.  Whatever solution
might be decided upon will likely require enough infrastructure
enhancements that we will have time to be thoughtful about the best way
to provide the feature.

Brian

But I'm no security expert; I might be missing something.

I believe the goal is to use some uncatchable keyboard sequence a'la
Windows' secure auth (Ctrl+Alt+Del).

This works on Windows (on a domain) because the goal in those situations
is to have perfect and total single sign on. This has been watered down
in more recent (less coherent) Windows releases, but the goal was always
to prompt the user once and never prompt them again for any application
because the system uses kerberos.

In our mix of applications and protocols passwords abound, and it's less
likely that a Ctrl-Alt-Del style solution would be sufficiently usable.

Cheers,

Stef Walter

_______________________________________________
desktop-devel-list mailing list
desktop-devel-list gnome org
http://mail.gnome.org/mailman/listinfo/desktop-devel-list