All posts in the topic Log In to GroupServer
Summary
- There are 6 posts — by 3 authors — in this topic.
- Latest post made by Michael JasonSmith at 2007 Sep 25 05:31 UTC
| From | File | Date |
|---|---|---|
| Michael JasonSmith | login.png login.xcf.bz2 | 2007 Sep 25 05:12 UTC |
OnlineGroups.Net has been musing about using email-addresses as login
identifiers, rather than the obscure user identifiers that are currently
generated. Below is the proposed Help text for the GroupServer manual,
detailing what login will look like. Comments?
Logging in to GroupServer
To log in to GroupServer, carry out the following.
1. Click Log In on any GroupServer page. The log in page will be
shown.
2. Enter your email address in the Email Address entry.
3. Enter your password in the Password entry.
4. Click the Log In button. You will be now be logged in to
GroupServer.
One idea that Richard had was to show the user a link to the Password Reset
page, in the error message if the user gets the password wrong. The body of the
login page will also have a link to the password reset page.
Many sites now allow either a user name or e-mail simultaneously.
The first/last name thing works great for me because I want the member profile
link to contain real information - the person's name. So I recommend having
profile pages based on f/last name rather than login/e-mail.
The big question is whether you really need to assign such difficult passwords
instead allowing people to pick them themselves when they login. If we had
credit cards on file I could understand the stronger security standard, but we
get support queries weekly from folks who simply can't type in the combinations
of case sensitive letters and numbers GS generates.
Steve
Michael JasonSmith wrote:
> OnlineGroups.Net has been musing about using email-addresses as login
identifiers, rather than the obscure user identifiers that are currently
generated. Below is the proposed Help text for the GroupServer manual,
detailing what login will look like. Comments?
On Sun, 2007-09-23 at 20:50 -0500, Steven Clift wrote:
> Many sites now allow either a user name or e-mail simultaneously.
>
> The first/last name thing works great for me because I want the member
> profile link to contain real information - the person's name. So I
> recommend having profile pages based on f/last name rather than
> login/e-mail.
This is also likely to change when we rebuild registration. I think
Mike will probably be sending out the detailed document on this at some
stage in the near future(?). We spent a couple of days designing it
last week.
Key changes:
1: Simply providing an email address will get account creation underway.
Passwords will be created as the last step (since you don't actually
*need* a password if you're just using email!)
2: The user will choose what the identifier in the link to their profile
is (we call this the nickname now). It is a possibility that we could
force this to be set to something for certain sites.
3: There will be no concept of a 'login' name. Only email addresses. See
1 to see what the 'login' name will become.
4: The user will choose their own password. Always.
5: Accounts are not verified. Only email addresses will be verified (a
verified account will be defined as one with at least one verified email
address).
6: Profile information will be collected as part of the account setup
process. This will, in most cases, be optional. It is partially to give
the user something to do while waiting for the email verification to
arrive.
7: The user will be given *considerable* scope to verify their email
address. They will be reminded about it. They will be allowed to resend
the verification. They will be allowed to change the address if it's
wrong and resend it. They will be given hints about putting the 'from'
address into their email address book.
> The big question is whether you really need to assign such difficult
> passwords instead allowing people to pick them themselves when they
> login. If we had credit cards on file I could understand the stronger
> security standard, but we get support queries weekly from folks who
> simply can't type in the combinations of case sensitive letters and
> numbers GS generates.
The new registration system will eliminate this entirely. The user will
never have a password chosen for them, not even if they use the password
reset. If they register by email, they will choose a password when they
decide they want to use the website as well.
Oops! I forgot to give an overview of what I am doing. As Richard said, http://groupserver.org/r/post/tSThngZ1h0JwvReMZMHlT we have been working on registration. However, rather than give a top-down explanation on how we see registration, I am going to give an overview of the individual components: email address verification, login, and password setting. You will see why when I get up to registration ☺
Below is the mock-ups of the log in page. Note that the verb is
Log In; the noun Login is never mentioned, as these pages are
verb-centric (and I am afraid of Alice).
Also of note is the three links to the right of the Log In button:
* Reset Password, Register, and Help. They
The following files were added to this topic:
Sorry about the poorly edited message above, I accidentally typed Control-Enter in my email client ☺ Anyway, the Reset Password will go to the Reset Password page, http://groupserver.org/r/topic/1l8PS08Xg068Ba5kvJb3yM Register will got to the Register page, http://groupserver.org/r/topic/7ojOA069zPQquIRZrWzpmR and Help will provide context sensitive help for the Login page.
This site is provided by OnlineGroups.Net, where you can start your own free online groups site, using the open source web-based mailing list manager GroupServer.