FxA Flows

Ryan Feeley rfeeley at mozilla.com
Mon Nov 11 10:23:39 PST 2013


I had a discussion with Chris about this Friday. The question we need is ask is, why is no other sign in system doing it like this? I know from user testing Persona that users look for distinct way to create an account and sign in;  the merged field is unconventional.

I have a massive collection of screenshots of sign in/up screens from around the web I can share.

Beyond that (and Chris tells me not make UX decisions based on my assumption of what makes good security), other sites probably keep these flows separate so that users accounts are not exposed. Most sites use “invalid email/password” messaging because saying “you got the email right, but the password is wrong” is helpful for attackers.

Because you may be syncing your saved passwords, we need to “take care of you” like we promised in our Firefox Design Values.

To be honest, I hope we can do more before we begin syncing passwords.

Thoughts?


On Nov 8, 2013, at 4:39 PM, Francis Djabri <fdjabri at mozilla.com> wrote:

> 
> Hi, 
> 
> Yes, that was the logic we used for the flow initially, with the ultimate goal that the user could sign in with just their email if using Persona. 
> 
> Francis 
> 
> 
> On Nov 8, 2013, at 10:40 AM, Maureen Hanratty <mhanratty at mozilla.com> wrote:
> 
>> I thought part of the reason to separate the email entry from the password (rather then putting it into one form) was that in the event the user did have an account but didn't know about it we could detect that and on the second screen with the password entry tell them, "Looks like you already have an account. Type your password." This was the logic we used when coming up with the sign in flow for payments.  
>> 
>> On Nov 8, 2013, at 7:51 AM, Ryan Feeley <rfeeley at mozilla.com> wrote:
>> 
>>> On Nov 7, 2013, at 6:00 PM, Chris Karlof <ckarlof at mozilla.com> wrote:
>>> 
>>>> 1) Why the separate email and password entry for account creation and signup? Why are we so special that we need to do it differently from everyone else? Can we combine those into a single form?
>>> 
>>> 
>>> Like this? http://cl.ly/image/471i2s0k3g0J
>>> 
>>> Ryan Feeley
>>> Product Designer, Identity
>>> Mozilla UX
>>> IRC: rfeeley
>>> 
>>> _______________________________________________
>>> Dev-fxacct mailing list
>>> Dev-fxacct at mozilla.org
>>> https://mail.mozilla.org/listinfo/dev-fxacct
>> 
>> _______________________________________________
>> Dev-fxacct mailing list
>> Dev-fxacct at mozilla.org
>> https://mail.mozilla.org/listinfo/dev-fxacct
> 

Ryan Feeley
Product Designer, Identity
Mozilla UX
IRC: rfeeley

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/dev-fxacct/attachments/20131111/daafdd68/attachment.html>


More information about the Dev-fxacct mailing list