I think the flow could look like this:
Firefox version X with new sync starts for the first time. A doorhanger
comes down and asks "Do you want to store your browser profile with
Mozilla? Yes/No."
If Yes, we create an account for you, and locally in your browser store
an auto-generated username and password. At this point we can start
syncing, but the user has no way to access that data from other devices.
Next, we occasionally bring a door hanger "Are you Asa Dotzler and is
your email [email protected]? Yes/No". If Yes, we know that because we have
seen your email account and Facebook name and what not.
If no, we can give you a way to associate your existing Mozilla service
stuff with an account you chose.
If you say yes, we associated that email with your sync account that you
already have with us, and if you try to link another device, we will
check for your accounts you are logged into. If you are already logged
in into [email protected], we ask you "Is [email protected] your email, and do
you want to sync with the stuff associated with that?". If you say yes,
your other device starts syncing.
If no, we ask for an email and make you verify that with a link we send
you and then sync starts.
For the default flow setting up sync with this is 1 click (Steve Jobs
would be proud of us). A 2nd click allows you to sync multiple devices.
That having said, I am not sure this discussion is in scope. I am ok
with simplifying to always-make-an-account in the interest of shipping a
solid, simple sync, after failing for half a decade to do so.
Andreas
Asa Dotzler wrote:
On 7/26/2013 1:14 PM, Mark Finkle wrote:
I worry about this approach in that Firefox does not know my Facebook
password unless I ask Firefox to save it. Even then, just because I
save my password in Firefox does not mean I want Firefox to
auto-login to services using that password. What if I save three
different passwords for three different usernames in my Firefox?
We should be more explicit about password usage and logging into
services.
If we think we can use Firefox stored credentials to smooth the flow,
(I do) I think we should definitely explore this further.
We need two things from a user to make Sync go. We need a verified
email address and we need a password. We need the email address for
all future account management (and for use as a auth username) and we
need a password so the user can securely auth additional devices.
Let's presume that at Sync Sign Up we ask the user for an email
address and a Sync password and they give us [email protected] and
their Yahoo password. Now, we've got the two things we need from a
user, a verified email address and a password. The email ownership is
verified by the password manager or some quiet lookup we do with those
credentials because the password manager match gave us enough
confidence to do a potentially expensive lookup. The password happens
to be the user's Yahoo password and not a Firefox Sync specific
password but there's not much we can do to try to stop that. It's
gonna happen for enough of our users that discouraging it seems
counter-productive and not utilizing it when the user does give it to
us seems wasteful and user-hostile.
So, the user has given us what we need to go. Why would we ask the
user to jump through any further hoops? This could bring the
experience to "parity" with our competitors who already have hundreds
of millions of user accounts.
- A
------------------------------------------------------------------------
There's been an idea kicked around repeatedly by andreas and ekr
that we could do login to picl *implictly* based on browser
knowledge of sites you visit.
The idea goes something like this "given that PiCL is inside the
browser, and the browser knows your identity on various sites,
couldn't we just use the accounts you already have to sign you
into PiCL".
This idea represents a significant divergence from what we're
doing now, building Firefox accounts.
If it has legs, we should understand now. If it doesn't, we
should understand now so we can stop talking about it and
continue to cruise. Let's have this conversation now, it'll be fun!
Andreas or Ekr, Take the stage and explain how this might work!
Questions to kick you off:
1. As a user, I set up sync on my desktop browser by XXXX
2. As a user, I link my android device to the sync account used
on my desktop by XXXX
lloyd
_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev
_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev
_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev
_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev
