.Mac authentication overkill
Posted by Pierre Igot in: MacintoshMarch 24th, 2005 • 6:02 am
Go to www.mac.com. Click on “Login” link. Log in. Safari loads the .Mac home page for logged in users. The little lock icon in the top-right corner of the window indicates that you are connected to a secure site.
Now click on “Account” link on left-hand side of home page.
What does .Mac do? It asks you to log in again!
I understand the concerns about security and everything, but this is really overkill. More important, it is utterly non-intuitive and un-Mac-like. What do you mean, I have to log in again? I’ve just logged in!
March 25th, 2005 at Mar 25, 05 | 1:06 am
I guess my problem is with the proximity in time of the two log-in procedures. When I’ve just logged in, asking me to log in again strikes me as purely and simply dumb. There could be some kind of time-out feature that would assume that, if the user has just logged in 30 seconds ago, he’s quite likely to be still there sitting at the machine and doing his own stuff.
Also, I don’t think I should be blamed as a user for other people’s carelessness. If my computer were accessible to anyone but me, I would always make sure that I log out as soon as I’ve done my stuff. If other users are silly enough not to take this simple safety precaution, then I would say it’s their problem, not Apple’s or mine.
March 24th, 2005 at Mar 24, 05 | 9:56 pm
I can understand the thought that this may be overkill. However, it does help prevent unwanted eyes from seeing your account information. I have accessed log-in accounts after leaving them. If you don’t log-out or quit the browser sometimes the account stays available. So by using the redundancy of the account log-in you have a second level of protection, like a locking screen door. It’s the same with most web accounts, I have a Yahoo! account, I log-in, but if I want to change or add account info, I have to log-in again. Maybe .Mac needs some explanation text like they have on the Yahoo! site.
As far as it being un-Mac like, I would disagree. How many times in OS 9 did I have to confirm I wanted to empty the trash. I select the Special-Empty Trash and it still would ask. In OS X, it never asks, which is better. Somethings need redundancy, others don’t. In this case I prefer the double log in.
March 26th, 2005 at Mar 26, 05 | 4:53 pm
“Also, I don?t think I should be blamed as a user for other people?s carelessness.”
Ahhh, the old take responsibility argument. While I agree with the sentiment, I live in America where someone can spill hot coffee in their own lap, then win a jury award of $6 million because McDonalds didn’t warn them hot it was. Sigh, I hate civil litigation.
No one’s blaming you Pierre, it’s just easier to inconvenience everyone and ensure a level of security, than to allow those more willing to take the necessary precautions the option. Too many computer users fail to educate themselves, then get angry when something goes wrong.