Hi Jeff, and all. It has been very interesting to hear different views on this topic. I am working on designing the login panel for a community site, whose security context is similar to ixda:
>The security of the IxDA discussion list is built on the goodwill of >the membership. We consent not to impersonate each other not because >it's impossible, or even difficult, but simply because there's no >incentive to act otherwise. And if I follow the same authentication mechanism as ixda of verifying the machine ip (first time a different machine is used, send a verification mail to the user.) How about prompting only for the email? (User can always go back to the last email received from discussion list and there is no need to remember what name was entered..The first time a user logs in, I could ask for a name and it can be edited later through account settings.) Thanks Kiran On 10/22/07, Christian Crumlish <[EMAIL PROTECTED]> wrote: > > On 10/22/07, Jeff Howard <[EMAIL PROTECTED]> wrote: > > > > I could do a better job communicating how the sign-in system works up > > front, but I'm fascinated that the same standards of security aren't > > expected of the e-mail channel. > > > > Context is king. > > -x- > ________________________________________________________________ > Welcome to the Interaction Design Association (IxDA)! > To post to this list ....... [EMAIL PROTECTED] > Unsubscribe ................ http://gamma.ixda.org/unsubscribe > List Guidelines ............ http://gamma.ixda.org/guidelines > List Help .................. http://gamma.ixda.org/help > ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... [EMAIL PROTECTED] Unsubscribe ................ http://gamma.ixda.org/unsubscribe List Guidelines ............ http://gamma.ixda.org/guidelines List Help .................. http://gamma.ixda.org/help
