Improving the authentication process of subsurface.
Dirk Hohndel
dirk at hohndel.org
Sun Mar 9 09:00:51 PDT 2014
On Sat, 2014-03-08 at 20:22 +0100, Aurélien PRALONG wrote:
> Harshit,
> >I have to click on the click on existing account option and after
> writing my email-id, An email is
> > received containing my generated id. Then I have to copy my
> generated id and then paste
> > in the retrieve account option.
>
> If you create the account from the application, you don't have to copy
> the ID, it is returned from the web-service. So you just have to
> confirm the email to make the account active (mandatory if you don't
> want bot accounts).
>
> Pierre-Yves,
> > After I have nothing against changing it if we say that finally we
> want to have
> > the more classic username/password type of account.
>
> Initially, I wasn't a big fan of the ID too. Now, I find it more
> convenient, as you do not give your password to a site. It only
> downside is that you cannot regenerate an ID if it becomes
> compromised.
I think we need to point people to the companion app for creating the
ID. Then the process is reasonably straight forward. But even then,
every time I switch phones (which I may be doing more frequently than
most sane people) I need to find the ID, email it to myself and then
copy and paste it. Not ideal.
> If something has to be done with accounts, maybe you could add an
> OpenId option, so no password is needed (and it integrates well in
> Android).
I like that idea.
> BTW, can you check the website (http://api.hohndel.org/) ? I think the
> banner has been moved.
Sorry. Fixed.
/D
More information about the subsurface
mailing list