one (secure) login button please

[nenieorg]

does anyone know why there's still a "secure login" and a "login" button? I see the beta version still has the two!

I was talking to a fastmail-using friend yesterday who asked if her work sysadmin can read her webmail when she accesses it from work, and I had to explain that it's less likely if she uses secure session (where the sysadmin needs to hack her browser on her workstation) rather than the regular login (where they just needs to look at the proxy web server if any and/or mere ethdump from anywhere). of course she had no idea of the difference between 'secure login' and 'login' and it's not something that stands a chance of being taught to end users.

so why not remove the 'login' button and make all logins do what 'secure login' does now? (or perhaps relegate the unsecure login to the "more" expandable thingy.) frankly I can't see any use for unsecure logins nowadays. it might have been useful when https support (both browser and networks) was patchy but nowadays it's universal and has been for some years.

also the current setup contains a user interface disaster: if you regularly use secure login, the buttons' order swap (presumably a cookie remembers it), but then of course when you connect from another new machine they swap back, but you're used to click on the first button on your usual machine, so you end up doing unsecure login on foreign machines/network where you want secure login more than usual! swapping the order of important buttons is no good: the risk of doing the wrong operation way outweighs the alleged convenience of having the most common button first (which is about nil on a two button thing). so at the very least the order should be made fixed, with secure always first (so that non-techie users at least stand a better chance to get it right).

[Lnguyen]

I gotta agree on having the default be a secure login. It seems silly to me not to have it always encrypted. Now, if there's a technical reason behind it, then that is a fair answer. I suspect it wasn't before due to processing power?

Even google fails at this.. not everything is secure even when you select "always use https" as there are insecure elements on the page.

[ChinaLamb]

totally concur on this need. One login button.

Unless, of course, they put an option in the options screen to "always use Https"

/cl

[Sid]

Totally agree on this one also!

When I'm on a public computer I often press the wrong, unsecured, login button by accident. This because when you visit Fastmail for the first time the default is unsecured login(!).

In my opinion https should be the default (as with most mail services nowadays). I would even take it a step further: there should be a warning message when you are trying to login without https prior to actually logging in unsecured!

[uberjay]

Agreed--at the very least, I think (as mentioned in other threads) the default should be changed to always be "secure login". Accidentally logging in insecurely at a coffee shop, sending your password in cleartext to the jerk in the corner with the ethernet sniffer would be really sad.

If there is some resistance to changing this, at the very least could we have an option for setting the default (or better yet--removing the insecure login option) for a custom domain login? e.g., the mail.userdomain.com setup with custom DNS pointed at STANDARD_MAIL.

At least we should be able to agree on that, right???

[COUME]

I also wanted to add my vote to "one (secure) login button" as I cannot see the point of keeping both

Could there be some occasions/environments where a user has to use a non-secure connection to be able to login? If not, I really do not see any argument to keep the "non-secure" option...

Just my 2 cents

[NumberSix]

I suppose an argument can be made that people should be protected from their own ignorance by those who know better, but we know from the history of the world what that can lead to

An argument could also be made from the point of view of processing cycles. I don't know how many more it takes to do every pageload under SSL compared to not. I know that there are many people in the world who honestly could not care less about their own privacy or security on-line. Seems irrational, I know But there are a lot of people like that.

If it costs a lot of cpu cycles to do SSL, then it makes sense to me that FM might want to keep it optional. Let the people who value it use it, and for those who don't, let's not burden the system. Freedom! Let's keep the freedom to be irrational

Dave

[rabarberski]

Isn't it because https might be blocked on some networks, whereas http has a higher change of being allowed on networks?

[NumberSix]

That might certainly be the case...

[ChinaLamb]

Quote:

Originally Posted by NumberSix

That might certainly be the case...

Users like myself, though, would never use fastmail without https over an unsecured network. Therefore, I still want this feature - in fact - I'd want it all the more.

[NumberSix]

What feature was that? I thought we were discussing the removal of the standard (non-secure) login button?

Dave

[uberjay]

Ideally, I'd like to see the insecure login button removed from the main page, just to protect people from themselves. Leave the insecure login a link away for those who can't use SSL from their location. (e.g., click here for a non-secure login page)

If that's too controversial, at the very least let me force my whole family to log in securely by removing the insecure login option from my domain-specific login page.

[NumberSix]

Quote:

Originally Posted by uberjay

Ideally, I'd like to see the insecure login button removed from the main page, just to protect people from themselves.

As I mentioned, I think this is a bad idea. I don't think FM should be in the business of protecting people from themselves. And it could backfire... what if one of those people I mentioned who don't care about privacy and security tried to log in to get their email in a situation where SSL connections were being blocked, or for some other reason an SSL login failed, and ended up losing a big business contract or something as a result? Even if the insecure login button was still there, but hidden, they would rightly be angry if they had never used it and didn't know about it. You could say "they should have been informed about the various features", but one could just as well use the same argument regarding the two buttons that currently exist.

Quote:

If that's too controversial, at the very least let me force my whole family to log in securely by removing the insecure login option from my domain-specific login page.

If you have a login page that is only used by people in your domain, it would be fair to allow you this policy option, but my personal feeling is that you'd do better to educate your family members so that they understand why they should use SSL. This tends to be more effective in the long run than a do-as-I-say approach. Not to mention that the knowledge will serve them in decisions they make regarding their other activities on the web, when you're not involved. It's the "teach a man to fish" thing.

Dave

[Obius]

I'm new to FastMail, and, with my previous webmail, was accustomed to entering username and password and clicking enter for default secure login. My practice is, fairly randomly, to close and open my webmail while browsing, and to close and open my browser while working at the computer, with my browser set to delete cookies on closure. So I experience oscillating login buttons and defaults.

Of course, I need to look for and click on the oscillating secure login button, which is an extra step to the login. A few times, I've even logged on fast and clicked enter, and felt obliged to change my password.

So I agree that there should be a default secure login button that doesn't move.

[NumberSix]

I agree that it's bad that the buttons play musical chairs. They should stay put. Then you have the chance to develop keyboard-habits that won't get you in trouble at different times.

(oh, and welcome to the forums, Obius )

Dave