| No edit summary | No edit summary | ||
| Line 206: | Line 206: | ||
| <span style="color:#ee9966">One thing that both WhatsApp and Facebook have in common is that they both make the app and they also run the service that the app uses.  This is the difficult part of ChatSecure: it is just the app, someone else is providing the service.  The advantage is that anyone can provide the service (companies, student groups, universities, individuals, etc.)  This means the user can choose a service provider that they trust the most, but that makes the login procedure a lot more complicated.  One idea that works well in this kind of situation is having "sensible defaults".  That means that the app will choose a specific service by default, and the user can just choose a username and password.  Then if the user wants more choice, then can expand a hidden section that contains all of the options.  | <span style="color:#ee9966">One thing that both WhatsApp and Facebook have in common is that they both make the app and they also run the service that the app uses.  This is the difficult part of ChatSecure: it is just the app, someone else is providing the service.  The advantage is that anyone can provide the service (companies, student groups, universities, individuals, etc.)  This means the user can choose a service provider that they trust the most, but that makes the login procedure a lot more complicated.  One idea that works well in this kind of situation is having "sensible defaults".  That means that the app will choose a specific service by default, and the user can just choose a username and password.  Then if the user wants more choice, then can expand a hidden section that contains all of the options.</span> | ||
| Another approach is to ask the user a question before setting up the account.  Something like "how concerned are you about the security and privacy of this account?"  Then based on the answer to that question, ChatSecure would choose the defaults for the user (things like which service, whether to use Tor or not, etc.  Then the user could optionally change those defaults.</span> | <span style="color:#ee9966">Another approach is to ask the user a question before setting up the account.  Something like "how concerned are you about the security and privacy of this account?"  Then based on the answer to that question, ChatSecure would choose the defaults for the user (things like which service, whether to use Tor or not, etc.  Then the user could optionally change those defaults.</span> | ||
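Review bot: The second paragraph opens a parenthesis at "(things like which service, whether to use Tor or not, etc." and never closes it, and the first paragraph's "then can expand a hidden section" reads as a typo for "they can expand". The new revision already touches both paragraphs to fix the span tags, so close the parenthesis after "etc." and correct the pronoun in the same edit.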
| Line 214: | Line 214: | ||
| ==First design considerations and ideas== | ==First design considerations and ideas== | ||
| After the  | After the interviews, the observations while usability tests and the comparison with other apps, we could draw the first design conclusion and ideas:   | ||
| 1. We want the process of creating an account and signing in as  | 1. We want the process of creating an account and signing in as intuitive as possible (comparable with WhatsApp and Facebook Messenger)   | ||
| 2. We want the app as safe as possible (safer than WhatsApp and Facebook Messenger)    | 2. We want the app as safe as possible (safer than WhatsApp and Facebook Messenger)    | ||
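Review bot: Goal 2 in the new text, "as safe as possible (safer than WhatsApp and Facebook Messenger)", names no property by which "safer" would be judged, so it cannot guide the design choices that follow. Tie it to the properties this page already discusses, such as the choice of service provider, the Tor option, encrypted storage and the app lock screen. The intro sentence's "the observations while usability tests" should also read "the observations during the usability tests".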
| Line 223: | Line 223: | ||
| * reduce redundant buttons   | * reduce redundant buttons   | ||
| * clarify inconclusive and obscure functions/buttons    | * clarify inconclusive and obscure functions/buttons    | ||
| <span style="color:#ee9966">One thing to consider with the password is whether it is a good idea for the app to not remember the password.  Certain high-risk users might want to avoid saving their password on the phone in case the phone is lost.  But if the password is stored in a way that it cannot be recovered, and access to the app requires a password on a lock screen, then there is no longer a good reason to avoid saving the password.  ChatSecure can now do both: it stores everything encrypted, and it has a lock screen for the whole app.  In this case, I think it makes sense to remove the option for saving the account password, and just make it always save it.  Then perhaps ChatSecure can forget the password if the user forces a logout.  I believe this is how the Facebook app handles the password: it automatically remembers it until the user manually requests to logout.</span> | |||
| ==Prototypes==   | ==Prototypes==   | ||
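Review bot: The added paragraph's recommendation "just make it always save it" drops the two conditions its own argument depends on, namely that the password "is stored in a way that it cannot be recovered" and that "access to the app requires a password on a lock screen". State whether the lock screen is mandatory or optional; if it is optional, always saving the password leaves the lost-phone case from the second sentence uncovered, so the save option should only disappear when the lock screen is enabled. The closing Facebook comparison is marked "I believe" and would be better checked or dropped.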
| Line 230: | Line 234: | ||
| Our first prototype for the login process contains the additional password entering button if it isn't saved. (at the beginning you can choose if you want to save the password for further use or not) | Our first prototype for the login process contains the additional password entering button if it isn't saved. (at the beginning you can choose if you want to save the password for further use or not) | ||
| It occurs when you want to switch from offline to online as an extra field.    | It occurs when you want to switch from offline to online as an extra field.    | ||
| <span style="color:#ee9966">This definitely makes a lot of sense, it should be easy to enter the password if it is not saved.  And ChatSecure should prompt the user when it wants the password, rather than making the user go find where to enter the password.</span> | |||
| [[File:Prototyp Anmeldeprozess.jpg|600px]] | [[File:Prototyp Anmeldeprozess.jpg|600px]] | ||
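Review bot: The added comment asks that ChatSecure "prompt the user when it wants the password" but does not say how that relates to the prototype's extra field shown when switching from offline to online, described in the two lines above it. Say whether the prompt replaces that field or appears in addition to it, and split the comma splice in "This definitely makes a lot of sense, it should be easy".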