Brontoforumus Archive

Please login or register.

Login with username, password and session length
Advanced search  

News:


This board has been fossilized.
You are reading an archive of Brontoforumus, a.k.a. The Worst Forums Ever, from 2008 to early 2014.  Registration and posting (for most members) has been disabled here to discourage spambots from taking over.  Old members can still log in to view boards, PMs, etc.

The new message board is at http://brontoforum.us.

Pages: 1 ... 4 5 6 7 8 [9] 10 11 12 13

Author Topic: Unforgivable Sins of UI Design  (Read 25820 times)

0 Members and 6 Guests are viewing this topic.

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Unforgivable Sins of UI Design
« Reply #160 on: October 26, 2012, 10:42:48 PM »

So Apple wouldn't let me download Xcode -- a free set of utilities -- until I added 3 security questions to my App Store account.

For "increased security".  Because a randomized, mixed-case password with numbers and symbols in it becomes MORE secure when you add three more fucking points of failure to it.

You know what would ACTUALLY increase my security?  Allowing me to download free apps WITHOUT logging into an account that stores my fucking credit card number, you assholes.
Logged

Rico

  • Tested
  • Karma: 18
  • Posts: 1916
    • View Profile
Re: Unforgivable Sins of UI Design
« Reply #161 on: October 29, 2012, 05:42:16 PM »

Programs that have volume settings that don't read them until after the six ear-splittingly-loud splash screens have been played.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Unforgivable Sins of UI Design
« Reply #162 on: October 29, 2012, 09:47:53 PM »

There is no FUCKING reason why a BIOS should EVER be set, by default, to halt on a keyboard error.

What the hell century is this?  Hot-swappable keyboards have been the norm since what, 1999?

If my computer boots and I suddenly find that my keyboard wasn't plugged in, I'll plug the goddamn thing in.  And it will work.  Without needing to reboot.  Because this is two thousand and goddamn eleven.

If, on the other hand, I have a couple of hundred computers that I want to be able to run headless, I'd very much prefer not to have to change a BIOS setting on every single one of them!

Flip side of this: boot prompts with no default option/timeout.

Because just because we DO have hot-pluggable keyboards now doesn't mean they're guaranteed to work before the OS boots and loads drivers.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Unforgivable Sins of UI Design
« Reply #163 on: November 24, 2012, 10:26:40 PM »

I am trying to pay my cable bill.

When I try to pay it from my bank account, I get an error, saying that I need to sign up for their new system.  It tells me to look for information on how to do this on the main page.

On the main page there is a thing in big red letters telling me I need to sign up for their new system.  Below that is a link that is ostensibly to information on how to do this.

The link is actually a PDF that looks more like an advertisement than instructions.

The instructions it DOES contain tell me to look for a notice, when I log in, that tells me how to sign up for the new system.

There is no goddamn notice when I log in.

Furthermore, when I enter the name of the new system in the bank's main page's Search field, it returns 0 matches.  And when I type it into a search engine, the top three matches are the bank's main site, the same damn PDF, and the same damn PDF in Spanish.

And copy-and-pasting the error message into the site's feedback form throws an error because it has a fucking "smart" apostrophe in it.  Which is not on the list of allowed characters in the feedback form.  Neither are semicolons or quotation marks.

I am so very glad that I just mailed in the paperwork to have my unemployment checks start coming into my primary bank account so that I will never have to deal with this fucking bank again.
Logged

Brentai

  • https://www.youtube.com/watch?v=DnXYVlPgX_o
  • Admin
  • Tested
  • Karma: -65281
  • Posts: 17524
    • View Profile
Re: Unforgivable Sins of UI Design
« Reply #164 on: November 25, 2012, 07:10:48 AM »

On the bright side, that bank ought to be hiring.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Unforgivable Sins of UI Design
« Reply #165 on: November 25, 2012, 12:14:20 PM »

Hm -- and come to think of it, my cousin works there.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Unforgivable Sins of UI Design
« Reply #166 on: December 02, 2012, 09:29:30 PM »

...they got back to me four days later and confirmed that yes one of the largest banks in the fucking country is currently unable to process bill payments.

No way to run a goddamn business.

...okay, no sense pulling the polite not-naming-names thing anymore; it's Chase.

Fortunately they've got an ATM right across the street from my other, better bank.  About a quarter mile away.  So fortunately, transferring funds between accounts is pretty trivially simple.

Can't wait for that direct-deposit form to go through and never have to deal with Chase again.
Logged

Mongrel

  • Emoticon Knight-Errant
  • kodePunc Team
  • Tested
  • *
  • Karma: -65340
  • Posts: 17029
    • View Profile
Re: Unforgivable Sins of UI Design
« Reply #167 on: December 04, 2012, 05:50:02 PM »

I changed the name of a folder related to Steam, then I changed it back. Steam required me to reauthenticate (not as in "put your password in" but "get an account validation email and input the code and blah blah blah...") each time. >:/
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Unforgivable Sins of UI Design
« Reply #168 on: December 12, 2012, 04:12:48 PM »

So now the bank DOES give me a big splash screen telling me to upgrade to the new system when I log in.

It doesn't work.  Clicking on the link just reloads the same page.  (And I have all the scripts on the page enabled.)

I DID manage to find the correct page by switching to Spanish, clicking through, and then changing "es" to "us" in the URL.

Have to set up a new account, using these password requirements:

Quote
* Minimum of 6 and maximum of 10 long
* Alphanumeric
* Must include at least 1 number
* Case sensitive
* No special characters like @#$%^&*()
* No spaces
* Cannot be same as any of last 5 passwords you have used

Boy it sure is lucky I've only got like $15 left in that fucking account, because those sure are totally unacceptable limitations on a bank account password!

Oh and I can't fucking copy-and-paste a username or password.  Which deserves its own "unforgivable sins of UI design" entry, as it makes it a pain in the ass to use a password wallet.  (Apple does that shit too.)  I understand the reasoning (you don't want lusers leaving their passwords on their clipboard), but it's a pain in the ass.

And then the fucking security questions, which of course are all things that anyone could answer by Googling me, if I answered them honestly instead of making shit up.

And then an E-Mail verification.  That gives me a validation code.  No link, just a code I have to type, because THAT field won't let me paste into it either.  The verification code gets asterisked out, which is a fucking stupid thing to do with a one-time verification code.
Logged

Royal☭

  • Supreme Court Judge President
  • Tested
  • Karma: 88
  • Posts: 6301
    • View Profile
Re: Unforgivable Sins of UI Design
« Reply #169 on: December 12, 2012, 04:17:36 PM »

I really don't understand the whole "Maximum" length thing on passwords. I feel less secure when I have to crop my password for some site's stupid system.

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Unforgivable Sins of UI Design
« Reply #170 on: December 12, 2012, 04:29:27 PM »

I understand it just fine.  They're still using the same fucking backend they were in the 1980's.  Bet I'm talking to an i5/OS mainframe, if not an actual AS/400.

Went through all those fucking steps and now I'm finally logged in (at least the login lets me copy-paste!) and I don't see any option to just say "Close this account and send me a check for the last $15 I've got in there".  Guess I'll have to go up to the corner and talk to a person.  Ah well, I gotta drop a check off at my other bank across the street anyway.
Logged

Silversong

  • Tested
  • Karma: -65515
  • Posts: 176
    • View Profile
    • silversong.pyoko.org
Re: Unforgivable Sins of UI Design
« Reply #171 on: December 12, 2012, 05:09:46 PM »

My apartment complex lets me pay my rent online, but not only does the site not fill in the amount I owe, it has a "leave this field blank" textbox.
Logged

JDigital

  • Tested
  • Karma: 32
  • Posts: 2786
    • View Profile
Re: Unforgivable Sins of UI Design
« Reply #172 on: December 12, 2012, 06:29:39 PM »

The only benefit to restricting passwords is to make them easier to remember. This also makes them easier to guess.

Password length and parameters don't matter all that much, unless the site allows unlimited retries or the password file is leaked.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Unforgivable Sins of UI Design
« Reply #173 on: December 12, 2012, 07:01:21 PM »

The only benefit to restricting passwords is to make them easier to remember.

Not really.

This also makes them easier to guess.

Password length and parameters don't matter all that much, unless the site allows unlimited retries or the password file is leaked.

Well, and even the most secure multi-authentication system isn't going to protect you against someone who's coming after you personally.

The purpose of making your password harder to guess is to incentivize predators into going after a softer target.  Want to make sure your bike doesn't get stolen?  Find a more expensive one that's only got a U-lock through one wheel; lock yours up next to it through both wheels and the frame, and pop your seat off.

A sufficiently dedicated attacker can still get your bike.  But unless they steal the whole rack or are just pissed off at you personally for some reason, they're not going to.
Logged

JDigital

  • Tested
  • Karma: 32
  • Posts: 2786
    • View Profile
Re: Unforgivable Sins of UI Design
« Reply #174 on: December 13, 2012, 01:13:29 AM »

A big problem is that people use short, easy to guess passwords regardless of the options available. Some people are still using "password1" as their password.
Logged

Royal☭

  • Supreme Court Judge President
  • Tested
  • Karma: 88
  • Posts: 6301
    • View Profile
Re: Unforgivable Sins of UI Design
« Reply #175 on: December 13, 2012, 08:01:22 AM »

Something I've always wondered about that password1 showing up is that they come from just counting the indexed number of times it shows up in lists of passwords. While it wouldn't account for all of them, I wonder how many are just people putting in a stupid password for a website they only intend to use once but which still makes them sign up for an account.

Zaratustra

  • what
  • Tested
  • Karma: 48
  • Posts: 3691
    • View Profile
    • Zaratustra Productions
Re: Unforgivable Sins of UI Design
« Reply #176 on: December 13, 2012, 08:25:51 AM »

oh you can bet I do that.

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Unforgivable Sins of UI Design
« Reply #177 on: December 13, 2012, 10:13:35 AM »

A big problem is that people use short, easy to guess passwords regardless of the options available. Some people are still using "password1" as their password.

Well yes, exactly.  You require a user to include at least two numbers and one capital letter, you're going to get a lot of "Password12"'s.

Adding more rules and complexity doesn't make passwords inherently more secure.  In fact, if an attacker knows that a password must contain at least two numbers and a capital letter, that actually REDUCES the amount of entropy for users who DO have randomly-generated passwords.

Something I've always wondered about that password1 showing up is that they come from just counting the indexed number of times it shows up in lists of passwords. While it wouldn't account for all of them, I wonder how many are just people putting in a stupid password for a website they only intend to use once but which still makes them sign up for an account.

This is absolutely true too.  Leaked password hashes are not necessarily representative; users may be using more secure passwords on other sites.

On the other hand, the bigger a pool you get the more likely it IS to be representative, and password reuse is pretty high.  And as I'm sure you know, a whole lot of people really are just that dumb or careless.
Logged

Beat Bandit

  • be entranced by my sexy rhythm
  • High-Bullshit
  • Tested
  • Karma: -65418
  • Posts: 4293
    • View Profile
Re: Unforgivable Sins of UI Design
« Reply #178 on: December 13, 2012, 10:17:00 AM »

I wonder how many are just people putting in a stupid password for a website they only intend to use once but which still makes them sign up for an account.
Now you know my password for the brontoforums.
Logged

Zaratustra

  • what
  • Tested
  • Karma: 48
  • Posts: 3691
    • View Profile
    • Zaratustra Productions
Re: Unforgivable Sins of UI Design
« Reply #179 on: December 13, 2012, 10:39:18 AM »

Don't forget the power of spite. When my workplace started requiring password changes every 30 days with uppercase, lowercase and numbers, I started making them AAAaaa111, BBBbbb222, CCCccc333.
Pages: 1 ... 4 5 6 7 8 [9] 10 11 12 13