[security] MyOpenID
Eric Norman
ejnorman at doit.wisc.edu
Wed Mar 21 20:17:21 UTC 2007
On Mar 21, 2007, at 2:56 PM, Dmitry Shechtman wrote:
> It's not about the wording or the documentation. Nobody actually reads
> it.
> I'm speaking out of experience with many users logging into
> phpbb-openid
> demo boards and being genuinely surprised to find out that their email
> addresses are publicly visible.
>
> You shouldn't assume every user is intimately familiar with concepts
> such as
> public personas. Here is just one recent illustration:
So here's a suggestion.
Instead of writing text to explain what "public persona",
why not just show them what you mean? Show them the actual
web page that would be visible to everyone along with
words something like, "This is what anybody in the world
would be able to see about you. If this is satisfactory,
check ...; if not don't check ...
Eric Norman
More information about the security
mailing list