Talk:Labs/Weave/Identity/Account Manager
From MozillaWiki
Use Case Questions
- Some people use different passwords for reasons, e.g. password for family joint account is different than password for individual email accounts. How might we help users manage their passwords efficiently while allow them to keep different passwords on purpose?
- On occasion, I may wish to use the Internet from someone else's computer (e.g. borrowing a friend's laptop or using a terminal at a library) where I may not have access to Firefox. Will there be a browser-independent method of signing into the Weave system so that my account information (or at minimum, login information for sites managed with Weave) would be available?
- The mass password reset use case suggests that operations on all accounts and all sessions are possible. What about a Single Log Out feature ?
Mockups remarks
- You should choose another Relying Party than Yahoo!, because Yahoo! is also an Identity Provider, so the UI is a bit confusing : is the user logging in to Yahoo!, or with Yahoo! ?
- I'd like to see much more clearly the difference between the situation where I am not connected AND not known by the RP (really anonymous), and the situation where I am not connected but known (e.g. as the last known user) by the RP. Question also raised in the section "23-Nov-2009"
Secure UI?
Some "secure" dialogs would be nice - by secure I mean designed to inherently resist spoofing and phishing by presenting key actions in a way that can't be impersonated by scripts on a website.
An example would be a dialog on a banking site that requests the user re-authenticate to complete a sensitive action.
- The UI would have to incorporate elements that make it distinctive from anything that a script or addon could spoof.
- The UI would have to be designed to only work for site for which an existing account manager relationship existed. (The image part would probably be cached with the security certificate for the site at the time the site was added to account manager, so that the image would provide a RELIABLE visual cue to know that the action was associated with the existing site)
Triona 10:46, 28 May 2010 (UTC)
Clicking on "key" icon does nothing
The Account Manager extension does not seem to work on Ubuntu 10.04. An icon with a key is added before the address bar. But clicking on it does nothing.