2010/11/23 Ian Clarke <ian at locut.us>:
> On Tue, Nov 23, 2010 at 8:32 AM, <cvollet at gmail.com> wrote:
>>
>> > Okay so you log in with a password (and possibly a username), and then
>> > you switch between different identities.
>> > I know, then we can build some kind of system that remembers people's
>> > passwords so that they don't have to use a password - genius! ?Or, we
>> > simply
>> > don't require passwords in the first place. ?We are supposed to be making
>> > Freenet easier to use, not figuring out new ways to throw?obstacles?in
>> > people's way.
>> >
>> >
>> Good point. Without the sarcasm, it would have been even better, but
>> well...
>
> Sarcasm is like bacon, it improves almost everything it is added to.
>
I'm a big fan of sarcasm myself, but I'm not sure it's the place to
use it. You never know how people will react (granted, given the
normal tone of devl message, you can expect it).
>>
>> This identity can have a password too. If it has a password, we encrypt
>> all the information of that identity (bookmarks, messages, and so on).
>
> We are going to run into serious problems if we allow people to create
> passwords which have no way to?circumvent?the password if it is forgotten.
> ?You might say "tough luck", but the reality is that people forget passwords
> all the time.
> The reason I am frustrated is that the purpose of the UX discussion should
> be figuring out how to make things easier for the user, but instead its
> turned into a search for ways to make things more difficult by requiring
> passwords where currently we do not. ?We have enough of a hill to climb with
> regard to usability without thinking of ways to make it even higher before
> we have even started climbing.
> Mark my words, if we introduce passwords which have no way to get around
> them in the event of them being forgotten by the user, we are going to have
> some seriously unhappy users in the not-too-distant future.
Well, right now, we do ask a password if users want to encrypt the
client-layer or whatever that is we encrypt. So, the idea was to allow
that on a per-identity basis. If it's not possible/too complicated/not
useful, then yes, we can just go with the current master password, and
identities without any password. Also, is it not possible to have a
system to backup passwords in-freenet? (of course, only if we agree
identity-based encryption is a plus)
> Ian.
> --
> Ian Clarke
> CEO, SenseArray
> Email: ian at sensearray.com
> Ph: +1 512 422 3588
>
> _______________________________________________
> Devl mailing list
> Devl at freenetproject.org
> http://freenetproject.org/cgi-bin/mailman/listinfo/devl
>
