January 29, 2009 at 10:45Change the layout when entering a password
No, you do not think, this topic is not about the punto switch and the like. Today, I once again helped a friend enter the password from her mailbox. She simply assured that she introduced everything exactly as she had introduced yesterday. Yes, it was so, only she introduced it in the Russian layout, and the system, of course, cursed.
On the basis of all this, an idea came up.
After all, many of us are developing websites and other portals where an authorization system is often simply necessary. But at the same time, many users often still enter passwords in the wrong layout. So can they still forgive them?
1. The user entered the password: “ytsu”
2. The system hash the input, compares it with the hash from the database, there is no match.
3. The system translates the entered password into the Latin alphabet (“qwe”), hashes, compares. There is a coincidence.
4. The user logs on to the site.
5. A message pops up that the password was entered in the wrong layout, but the system was kind and negligent user missed.
1. This approach will save a lot of nerves to many not very experienced users.
1. System resources for "pledging" will be required more.
2. Security is reduced (there are fewer possible combinations for entering a password)
Here you already have to look to whom is more important and what audience the product is being developed.
Similarly, you can discuss the idea with a capsloc =)
Criticism, comments, suggestions?
On the basis of all this, an idea came up.
After all, many of us are developing websites and other portals where an authorization system is often simply necessary. But at the same time, many users often still enter passwords in the wrong layout. So can they still forgive them?
scheme of work
( suppose the user password is “qwe” )1. The user entered the password: “ytsu”
2. The system hash the input, compares it with the hash from the database, there is no match.
3. The system translates the entered password into the Latin alphabet (“qwe”), hashes, compares. There is a coincidence.
4. The user logs on to the site.
5. A message pops up that the password was entered in the wrong layout, but the system was kind and negligent user missed.
Pros:
1. This approach will save a lot of nerves to many not very experienced users.
Minuses:
1. System resources for "pledging" will be required more.
2. Security is reduced (there are fewer possible combinations for entering a password)
Here you already have to look to whom is more important and what audience the product is being developed.
Similarly, you can discuss the idea with a capsloc =)
Criticism, comments, suggestions?