- From: Close, Tyler J. <tyler.close@hp.com>
- Date: Mon, 4 Dec 2006 17:12:17 -0600
- To: "W3 Work Group" <public-wsc-wg@w3.org>
I wrote:

> We would still need to do some work to integrate this display into the
> browsing workflow, so that the site identifier is not ignored by the
> user. I've got some ideas on how to do that.

The main idea on this front is to continue pushing forward with graphical separation between what the browser says and what the visited page says. In particular, I think form filling options should be presented from the chrome, rather than from the page content. This change has the effect of drawing the user's "locus of attention" away from the page and into the browser's chrome area, so that indicators, like the site identifier, are noticed by the user.

For example, the modified browser would contain a "form fill" button in the chrome area. When visiting a page requesting the user's credit card information, the user would position the input focus in the corresponding text field and then either click the "form fill" button, or hit the down arrow key. Either command would cause a drop down list to appear below the "form fill" button, from which the user can select the text to fill. It is important that the "form fill" button be located immediately adjacent to the chrome's site identifier widget, so that the information is in the user's locus of attention.

A further step would be to disable form filling entirely for sites that the user has not established a relationship with. For example, when using the Petname Tool, a user establishes a relationship with a site by assigning a petname to the site.

A step further would be for the browser to remember what information the user has previously submitted to what sites and indicate in the form filling drop down whether or not the user has previously agreed to give the site the requested information.

This same user interface should be used for password input fields, though possibly using "***" characters in the drop-down list, instead of the actual text.
Under the above regime, the user becomes habituated to using the form filler to provide input to web pages, and to having their locus of attention drawn to the chrome's indicators. In a phishing attack, the user would activate the form filler, drawing their attention to the chrome's indication that the user does not have a relationship with the host site, and to the indication that the user's credit card number has never been provided to the host site. At this point, we can hope that a significant number of users would become suspicious. Some amount of user training might be required to teach users that when they encounter this situation they should abandon the current transaction and attempt to visit the expected site via some other means, such as a previously stored bookmark.

Tyler
Received on Monday, 4 December 2006 23:12:33 UTC
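The chrome-side form filler the post describes, modelled as an added example (this is not code from the post, the Petname Tool, or any browser). It keys the user's relationship (a petname) and the submission history on the site identifier the browser itself derives from the connection origin, never on anything the page content claims; filling is disabled outright when no petname exists, each drop-down entry is annotated with whether that kind of information was previously given to this site, and password entries are shown as "***". All names (`createStore`, `buildFormFillMenu`, `fill`, the field kinds) and the sample sites and values are assumptions constructed for illustration.

```javascript
// Added example, not the post's own code. Models the "form fill" button in the
// chrome: relationship and history are keyed on the browser's site identifier.

// The site identifier the chrome shows: scheme plus host of the actual origin.
// The page's own content has no say in this value.
function siteIdentifier(pageUrl) {
  const u = new URL(pageUrl);
  return `${u.protocol}//${u.host}`;
}

// Browser-side state (constructed for the example):
//   petnames: origin -> petname the user assigned (the "relationship")
//   history:  origin -> set of field kinds already submitted there
//   values:   field kind -> stored text the filler can offer
function createStore() {
  return { petnames: new Map(), history: new Map(), values: new Map() };
}

function assignPetname(store, origin, petname) {
  store.petnames.set(origin, petname);
}

function saveValue(store, fieldKind, value) {
  store.values.set(fieldKind, value);
}

function recordSubmission(store, origin, fieldKind) {
  if (!store.history.has(origin)) store.history.set(origin, new Set());
  store.history.get(origin).add(fieldKind);
}

// What the drop-down below the "form fill" button shows for the focused field.
// No petname for this origin -> filling is disabled and no values are offered.
function buildFormFillMenu(store, pageUrl, fieldKind) {
  const origin = siteIdentifier(pageUrl);
  const petname = store.petnames.get(origin) ?? null;
  const menu = { origin, petname, enabled: petname !== null, entries: [] };
  if (!menu.enabled) return menu;

  const given = store.history.get(origin) ?? new Set();
  for (const [kind, value] of store.values) {
    if (kind !== fieldKind) continue;
    menu.entries.push({
      kind,
      // Passwords are listed as "***" rather than the actual text.
      display: kind === "password" ? "*".repeat(value.length) : value,
      // Tells the user whether they already agreed to give this site this data.
      previouslyGiven: given.has(kind),
    });
  }
  return menu;
}

// The only path by which a stored value reaches the page: through the chrome
// menu. A successful fill is recorded so later menus can say "already given".
function fill(store, pageUrl, fieldKind) {
  const menu = buildFormFillMenu(store, pageUrl, fieldKind);
  if (!menu.enabled || menu.entries.length === 0) return null;
  recordSubmission(store, siteIdentifier(pageUrl), fieldKind);
  return store.values.get(fieldKind);
}

// Constructed scenario: a bank the user has named, and a lookalike host with
// the bank's name embedded in it that the user has no relationship with.
function demo() {
  const store = createStore();
  saveValue(store, "creditcard", "4111 1111 1111 1111"); // constructed test number
  saveValue(store, "password", "hunter2");               // constructed sample
  assignPetname(store, "https://www.example-bank.com", "my bank");
  recordSubmission(store, "https://www.example-bank.com", "password");
  return {
    bankCard: buildFormFillMenu(store, "https://www.example-bank.com/pay", "creditcard"),
    bankPw: buildFormFillMenu(store, "https://www.example-bank.com/login", "password"),
    lookalike: buildFormFillMenu(store, "https://www.example-bank.com.evil.example/login", "password"),
  };
}
```

In the `demo` scenario the bank's payment page gets an enabled menu whose card entry is marked as never given to this site, its login page gets an enabled menu with a masked entry marked as previously given, and the lookalike host gets a disabled menu with no entries, which is the cue the post hopes the habituated user will notice.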