Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Beautiful Authentication: Tear down the barbed wire

Tiffany Conroy
September 09, 2016
Design
3
750

Beautiful Authentication: Tear down the barbed wire

People don’t ever specifically want to sign in or create an account – they just want the features that being signed in allows. Somewhere between upselling and onboarding, they will run into the wall around your beautiful garden, and be forced to sign in if they want to get inside. I’ll review the ways you can make sure your gated garden isn’t covered in barbed wire. Although this talk is focused on authentication experiences, the ideas apply to many other kinds of features. I use authentication, and in particular my experience with it at SoundCloud, as a case study.

Video from refresh.rocks:
https://www.youtube.com/watch?v=_qzLmsaUwOs

Tiffany Conroy

September 09, 2016
Tweet

More Decks by Tiffany Conroy

See All by Tiffany Conroy
Lions and tigers and handling user capabilities
theophani
1
610
What about the CSSOM?
theophani
3
410
Cutting the fat
theophani
4
540
When to use Ajax and when to reload
theophani
6
1.7k
WebAudio
theophani
1
160
Version Control All The Codes
theophani
12
1.1k
Design Processes, Not Interfaces
theophani
5
1.7k

Other Decks in Design

See All in Design
231129_FOSS4G-ASIA-2023_kato
hjmkth
1
300
Resolving text accessibility dilemmas in UIs
romanshamin
0
130
業務システムのUX/UI設計ノウハウを解説。デザイナー不在で失敗しないために身につけるべき基本とは?
ncdc
2
280
Webアプリケーションアクセシビリティ解説ウェビナー「8章 アクセシブルなUI設計の原理を導く」
magi1125
1
170
あらゆる場面でデザインを駆使するための技術 / Techniques for Applying Design in Any Situation
akiramotomura
4
2.1k
「これをゲームにしたい!」と言われた時ゲームデザイナーが考えること
kinakobooster
5
5.2k
noteのアクセシビリティ これまでのプロダクト・組織へのアプローチとこれからのこと
tatsuyasawanobori
1
1k
成果が出ないユーザーインタビューは何がダメだったのか? ~「誰に聞くか」の探り方 ~
jouykw
10
13k
20231122_Design Leader Impact Award_Presentation_FAKE Okazaki
okazakityo
1
250
Portfolio 2023.07.28
helemarudesu
0
580
現象と向き合うデザイン @Spectrum Tokyo Festival 2023
hirokazu_oda
3
1.3k
モデル・デザイン入門
akitsugu7935
0
460

Featured

See All Featured
10 Git Anti Patterns You Should be Aware of
lemiorhan
648
58k
Mobile First: as difficult as doing things right
swwweet
216
8.6k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
241
1.2M
Building Better People: How to give real-time feedback that sticks.
wjessup
355
18k
Fantastic passwords and where to find them - at NoRuKo
philnash
37
2.5k
The Pragmatic Product Professional
lauravandoore
25
5.8k
What's in a price? How to price your products and services
michaelherold
237
11k
VelocityConf: Rendering Performance Case Studies
addyosmani
320
23k
Learning to Love Humans: Emotional Interface Design
aarron
267
39k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
227
16k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
244
20k
The World Runs on Bad Software
bkeepers
PRO
61
6.7k

Transcript

  1. Beautiful authentication Tear down the barbed wire

  2. Hi, I’m Tiffany @theophani

  3. Beautiful authentication Tear down the barbed wire

  4. flickr.com/photos/fallstreak_holes/14394586240

  5. flickr.com/photos/jonwiley/1465722671

  6. Tear down the barbed wire

  7. Engagement Engagement Engagement

  8. User value

  9. The act of signing in has no inherent value

  10. Some user experiences are best when they are never “experienced”

  11. Authenticated experiences have a high value

  12. Signing in is a pain

  13. Your product on the other side is the prize

  14. Aim: Pain < Prize

  15. A lot of pain = Barbed wire

  16. The case study: our old auth flow

  17. How did we know our authentication was painful?

  18. 1. Analyzing support tickets

  19. 2. Detailed monitoring of authentication endpoints

  20. 3. Usability tests

  21. 4. Tracking the conversion funnel

  22. What was the nature of the pain we found?

  23. Traps: A punishment for entering an expected situation that is

    not ideal

  24. Example Trap: Forgetting your password

  25. Forgetting your password is normal

  26. Avoid traps: Expect common non-ideal situations

  27. Doubled-edged sword: A feature that is meant to protect you,

    but can also hinder you

  28. Example doubled-edged sword: Confirmation modals

  29. Example doubled-edged sword: Passwords

  30. None
  31. None
  32. None
  33. None

  34. Passwordless sign-in is as secure as password reset

  35. Avoid doubled-edged sword: Keep the protection, remove the hinderance

  36. Russian roulette: Forcing someone to make a choice that might

    be wrong … or not

  37. Example of Russian roulette: Making people choose whether they want

    to sign in or create an account

  38. We prompt the user to identify themselves first

  39. None
  40. None

  41. Example Russian roulette: Making people pick a unique display name

    during account creation

  42. Avoid Russian roulette: Remove risky decisions

  43. Friendly fire: When your systems cause errors for the user

    that are no fault of their own

  44. Example of friendly fire: Wrong assumptions about names

  45. Example of friendly fire: Wrong assumptions about email addresses

  46. Avoid friendly fire: Look at error logs and fix bugs

  47. Crossed wires: When users misunderstand what they are doing

  48. Example of crossed wires: People started to create an account,

    but ended up signing in

  49. Confusing language: sign in / sign up

  50. We changed to: sign in / create account

  51. Avoid crossed wires: Make choices distinct

  52. What do you measure to see if you reduced the

    pain?

  53. What do you measure to see the pain?

  54. Task-completion rate

  55. Drop-off points

  56. Time to complete

  57. Usability tests

  58. Volume of support tickets

  59. None

  60. Thank you! Tiffany Conroy – @theophani

  61. None