On Mon, 13 Aug 2012 16:50:03 +0000 (UTC)
Jim Henderson
https://secure-www.novell.com/selfreg/jsp/createSimpleAccount.jsp is the Novell version of the "simple account" page.
Re-skinning will not help much, it has to be rewritten. Left sidebar is all Novell: Customer Center Home ---------------------- About Novell Login Create an Account << leads to complicated page Edit My Profile << after change it will proceed with [1] Validate Email Forgot > Password User Name Both I did not analyze all paths, just 2 with comments. Basic Novell Login Information: Make only email info mandatory and then drop "I am not associated with a company". It will make form simpler and more acceptable to plain users. Security question and answer: I don't think that security question and answer are necessary. It is used to recreate account access, where email should be better choice. Security Q/A will give a chance to people that watch their passwords to make a mistake choosing simple word, or little known fact from their life, and create a backdoor with weaker lock then the main one. Of course, it will ask malicious side to do some research on the subject, but that is why it can be considered as a weak password. Email is quite dependable thing and it is easy to remember. There are scenarios where email account is hijacked too, so all is false, but security question^W^W weak password will not protect such user. There are other scenario where users changed email service provider, but forget to change it in misc login and profile information. In that case it is probably better to create new account then to use Security Q/A. [1] there is another "Continue button that is asking about company information, although it was checked that I'm not associated with any company. BTW, that checkmark does not stick between 2 edits. There is couple of possible names for that; one is pestering people with own bugs. That behavior is present as long as I remember account creation page. Nice, but not documented, is that logout at that moment preserves all changes to profile, so no need to continue. Should I say that I was victim of that "Continue", and left page without logout. On my surprise, account was working fine. How many people would come on idea to login after something that appear as failed account creation? -- Regards, Rajko -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org To contact the owner, email: opensuse-project+owner@opensuse.org