On Sun, Aug 16, 2009 at 7:08 AM, Nicole Simon<nee...@gmail.com> wrote: > > > On Sat, Aug 15, 2009 at 22:26, Kevin Mesiab <ke...@mesiablabs.com> wrote: >> >> The interaction seems unintuitive and redundant for users who have >> already granted our application 'trust' by installing it. > > I can't understand this notion. > Every single day users are sheep enough to do stupid things - > they just need to be guided to do so. And then they will follow. > > Every single day (especially the normal users) install dozens of apps on > facebook > without even thinking about that box in the middle nor reading it. And 'the > experienced > ones' who teach the sheeps make sure that "never use your password" gets > drilled > into their heads. > > Before there was no alternative. Now there is a better way.From now it is > "password? > BAD. Using without password and authorize with twitter: good!" > > Yes, they have granted you the trust of installing it, but could you please > set the > mindset to the goal? "as part of our x step installation step, this is what > is going to happen: > - download app > - install app > - test app > - now the fun part: making sure you get the best ou tof this experience and > connect it with > twitter itself, and this is how it looks. We are using the secure process > where you > do not need to enter anywhere your password. we never ask for your password, > because > we are the good guys! > - do this > - do that > and tada! you can start using our app! thanks for trusting us!" > > Where is the problem? > It only is unintuitve when you make it as such. of course the above is too > complicated, > so the real steps only should be "3 easy steps to go - download, install, > connect, use!" or something like it. > > But as long as you treat it as the ugly way you don't want to use, you will > not make > it easy on you. > > Nicole >
Agreed. OAuth presents a standardized and centralized process, a universal standard which users can become familiar with, rather than any given app's arbritrary authorization mechanisms and actual levels of trustability. ∞ Andy Badera ∞ This email is: [ ] bloggable [x] ask first [ ] private ∞ Google me: http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera)