- From: Jörg Schwenk <joerg.schwenk@ruhr-uni-bochum.de>
- Date: Wed, 14 Jun 2006 23:18:49 +0200
- To: "'Amir Herzberg'" <herzbea@macs.biu.ac.il>
- Cc: <public-usable-authentication@w3.org>
Received on Wednesday, 14 June 2006 21:18:34 UTC
Sounds like a very interesting idea, and I can imagine how it works for standard username/password. Do you have any ideas how to handle non-standard logins, e.g. username/email/creditcard/password, or transaction numbers from a TAN list (system used by all german banks)? Joerg Schwenk -----Ursprüngliche Nachricht----- Von: public-usable-authentication-request@w3.org [mailto:public-usable-authentication-request@w3.org] Im Auftrag von Amir Herzberg Gesendet: Dienstag, 13. Juni 2006 17:47 An: James A. Donald Cc: public-usable-authentication@w3.org Betreff: Re: Secure Chrome James A. Donald wrote: > User does not look at routine chrome. Does not look at > irrelevant information. agree > > We have to make the login page special in an obvious and > dramatic way - and not make all the other pages special, > because then it just turns into noise and the user tunes > it out - so login and account creation has to be part of > the browser, not a web page. I agree. Our in-development code modifies login pages so that login is always done via our control in the Chrome - user never enters password in a web form (we can also auto-fill the password so users don't need to type it at all). Feedback? Amir Herzberg
Received on Wednesday, 14 June 2006 21:18:34 UTC