When would one use "Public terminal" and "Save password" at the same time?

[Prognathous]

IMHO, using both at the same time is self-contradictory (why would I want automatic login on a public terminal?). Anyway, if this is indeed the case, wouldn't it be better if these options were implemented as radio-buttons instead of checkboxes?

Prog.

[JeremyY]

good point, but with radio boxes, if you accidently select one of the boxes and you didnt mean to select either, you cant unselect them until you refresh

[hadaso]

So with radio buttons you'd need one more line saying "neither". So you're better off with the checkboxes, and "public" probably overides "save" anyway.

[kander]

Only one way to find out, I'd say.

I just tested it... and it doesn't override.

I checked both Save PW and Public, and logged in using non-secure mode.

Went into my mailbox, sent a mail.

Went to www.somesite.com and did some things there. Went to www.fastmail.fm and ended up in my mailbox.

Kinda strange, when logging in on a public terminal I most certainly wouldn't want my password saved... Perhaps an OK/Cancel warning if both are checked? OK is continue, cancel is stop, so that the user can change it?

--K

[Prognathous]

Quote:

Originally posted by hadaso
So with radio buttons you'd need one more line saying "neither". So you're better off with the checkboxes,

I disagree, adding another option is better than having an illogical interface.

Alternatively the login should be refused if both checkboxes are set. Providing feedback upon error is better than being arcane.

Yet another option would be to automatically clear one checkbox if the other is set. The problem with this one is UI inconsistency. Checkboxes are not supposed to act like radio buttons, even if this behavior would be desirable in this context. (EDIT: I just checked hotmail.com and this is exactly what they're doing)

Quote:

Originally posted by kander
Kinda strange, when logging in on a public terminal I most certainly wouldn't want my password saved... Perhaps an OK/Cancel warning if both are checked? OK is continue, cancel is stop, so that the user can change it?

Why should an interface ever let users accept this completely un-needed functionality? more often than not, users just click OK without reading or understating the question. The UI designer is supposed to prevent such situations in the first place, not to drop this responsibility over to the user.

Prog.

[David]

If a person works in a busy office (that is networked) and they have their own office and own computer, they might want to select the checkbox for "public terminal" so that web pages are not cached and saved on the network. But they may also want to set the "save password" box as well. If they do that they can leave fastmail (occasionally) to do some work, and re access fastmail again, without logging in again. This is what I used to do. Was my logic wrong on this? --david

[Prognathous]

Quote:

Originally posted by David
If they do that they can leave fastmail (occasionally) to do some work, and re access fastmail again, without logging in again. This is what I used to do. Was my logic wrong on this?

In my opinion, it was wrong.

If you were using a multi-user OS (such as WinXP, Linux and OS X) you should have simply locked (or logged out of) the machine every time you exit the office. This is the only way you can prevent people from snooping your email and your desktop.

If you were using a single-user OS (such as Win9x and BeOS) you should have logged out of your email.

That's my logic.

Prog.

[David]

Prog: I used to lock the door when I went out.

We were using Win 2000 O/S. A lot of the data in the machines was backed up to to one of the servers; they wanted to know what people were doing on the Internet; it made sense that they would back up cached web pages. I am speaking of a network that encompassed hundreds of offices.
added italics

[Prognathous]

What makes you think the pages would have been logged on a network drive where everyone could access them? usually, temporary web files are saved locally and proxy servers don't provide "free" access to private emails (at least I have never encountered such a case)

Prog.

[sjk]

Quote:

Originally posted by Prognathous
Why should an interface ever let users accept this completely un-needed functionality? more often than not, users just click OK without reading or understating the question. The UI designer is supposed to prevent such situations in the first place, not to drop this responsibility over to the user.

That sure reminds me of something I read in X vs. XP a few hours ago:

Quote:

Not everybody has logged thousands of hours of computer time. Computers need to be as easy to interact with as other human beings (please no cracks about humans being difficult to interact with). No OS is there yet, but when a user clicks a button and the wrong thing happens, 9 times out of 10 there is a UI design solution that could have averted the undesired outcome. In order to improve all OSes we need to place the blame of usability problems not on the user but on the UI. True, it's very difficult to design a UI that simultaneously accommodates the needs of the novice and the needs of the power user. However, just because it's difficult doesn't mean it's not possible or that we should forgive a UI that doesn't live up to the task.

That "simultaneous novice/power user accomodation" factor is something to consider in the example David just gave for when both login options can be useful (if indeed that's how they interact together), and for other parts of the FastMail interface where novice user expectation differs from experienced user expectation.

[Prognathous]

Quote:

Originally posted by David
We were using Win 2000 O/S. A lot of the data in the machines was backed up to to one of the servers; they wanted to know what people were doing on the Internet; it made sense that they would back up cached web pages.

If they really wanted to see what people were doing on the Internet, wouldn't it have been simpler to check the logs? and if snooping people's email was their thing, what was stopping them from "backing up" the Cookies folder and really check this from inside?

I really can't think of any real-life situation where setting both of these login options would have made the difference.

Prog.

[David]

Quote:

Originally posted by Prognathous
If they really wanted to see what people were doing on the Internet, wouldn't it have been simpler to check the logs? and if snooping people's email was their thing, what was stopping them from "backing up" the Cookies folder and really check this from inside?

I really can't think of any real-life situation where setting both of these login options would have made the difference.

Prog.

Prog: You may be right on this. I was not overly concerned. This was more a 'precaution' than anything else. imo: The less data that is floating around on a network the better. I had a local password for my machine to protect against any local snooping. Maybe I was being overly cautious? But it certainly did not do any harm, and it did prevent cached web pages being backed up. I assumed also that the "logs" would show a record of the sites I visited. The cached files could show the contents of every fastmail page I had opened up? --david

[vidvandre]

Quote:

Originally posted by Prognathous
When would one use "Public terminal" and "Save password" at the same time?

• We all agree that the "save password" option creates a cookie that automatically logs us back in when revisiting .fm
• If I’ve understand things correctly the "public terminal" option prevent pages from being stored in your browsers cache.

So to answer your question Prognathous:
I believe there are many scenarios where having both set to true/on would be the preferred combination of settings. In my opinion this would be in any environment where multiple users share the computer, but one user might use the computer for a lengthy period of time. This could be at work, on a school, in a library or even at home.

Only one thing to remember when leaving a computer from any such environment; delete cookies. This prevents another user from logging in as me at fastmail.fm, emailaddresses.com, help.lockergnome.com and so on. Furthermore, since I used FastMail’s "public terminal" option that other user cannot read my email (by retrieving pages from the cache) either...

[Prognathous]

Vidvandre,

Please describe the exact steps needed to reproduce this problem (the one solved by this combination of options). I can't really imagine the situation.

Prog.

[vidvandre]

Ok Prognathous - I’ll give you two examples of such scenarios...

A man and a woman live together; as such they share many things one of which being the computer. The woman has an affair and frequently set up dates with her lover using email (read fastmail.fm). This woman would clearly want to keep her email private from the man.

A less dramatic example would be a public library with computers that are open for use by the public (without the need to login). As anybody else, a user of these computers would like to keep his/hers email private from other users of this computer.

In both examples, if "the user" where to log in without using the "public terminal" option, all email will be available to subsequent users of that computer thru the browsers cache. In both examples this could have been prevented by using the "public terminal" option when logging in.

Still in both cases, if "the user" where to use the computer over a longer period of time, it would be practical to use the "save password" function (even though the paranoid and secretive would recommend not using this function in such scenarios, the paranoid and secretive would probably want to remove this functionality altogether).