Confirmed users
717
edits
SecurityUI-UX: Difference between revisions
Jump to navigation
Jump to search
no edit summary
No edit summary |
No edit summary |
||
| Line 15: | Line 15: | ||
Since we have never holistically evaluated the effectiveness of our security and privacy UI, we should do some broad user research to identify shortcomings and design improvements. | Since we have never holistically evaluated the effectiveness of our security and privacy UI, we should do some broad user research to identify shortcomings and design improvements. | ||
|Feature users and use cases=Our UI falls into two main areas: | |||
a) inline: user is notified of some security or privacy relevant event, and (may) want/have to take action | |||
b) task driven: the user wants to perform some specific task such as changing a setting or understanding their situation | b) task driven: the user wants to perform some specific task such as changing a setting or understanding their situation | ||
Some areas to investigate: | Some areas to investigate: | ||
a) context information about the current site ("am I on store.com") | a) context information about the current site ("am I on store.com") | ||
b) is the current site "secure" ("should I enter my password/credit card") | b) is the current site "secure" ("should I enter my password/credit card") | ||
c) historical information ("what information has this site stored on my computer") | c) historical information ("what information has this site stored on my computer") | ||
d) incident driven ("I read about this security issue and I want to disable a cert/feature/etc") | d) incident driven ("I read about this security issue and I want to disable a cert/feature/etc") | ||
e) inline warnings (this is a phishing/malware site, this site wants to install an <X>, mixed content, etc.) | e) inline warnings (this is a phishing/malware site, this site wants to install an <X>, mixed content, etc.) | ||