Jeff makes a good point about how easy it is to send email under someone else's name. I think people don't really think about it: after all, a username and password are needed to *receive* email, so it doesn't occur to them that the ability to *send* email would be any less secure. So there's a certain amount of securitiness involved.
If the goal is to match the web interface model to the email model, and that does seem a reasonable goal, then replicating that securitiness mightn't be a bad idea. So I'd suggest having a standard e-mail address/password screen. Use Secure HTTP, so whatever people happen to type in the password field doesn't get sent over the Internet in plain text. But then? Ignore what they put in the password field, and go by the e-mail address alone. Kivi Kivi Shapiro Interaction Designer Qualicom Innovations Inc. 416 790-3044 ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... [EMAIL PROTECTED] Unsubscribe ................ http://gamma.ixda.org/unsubscribe List Guidelines ............ http://gamma.ixda.org/guidelines List Help .................. http://gamma.ixda.org/help
