[Sigia-l] password retrieving

Mauro Pinheiro mauropr at corp.globo.com
Mon Oct 13 15:28:16 EDT 2003 

Hi folks,

I was browsing SIGIA-L archives, looking for "pasword recovering"
discussion, and found a discussion thread that took place in Sep 20 2001.

http://www.info-arch.org/lists/sigia-l/0109/0235.html


I'm returning to this subject because I found the discussion not conclusive,
although many interesting points raised.



We're redesigning Globo.com website. And we had discovered some problems in
the "recover password proccess", during user tests we've made.

Here at Globo.com we've used two different systems in 3 years, the most
common proccess knowned. In the first one, users had a blank field to put a
reminder question...they were supposed to put any question they imagine, and
to give it's answer. If they ever forget their password, they could retrieve
it by answering the question they had made before, after giving their login.
If the information match, they could register another password - we never
show the password.

As this information demmanded more storage (many different questions/answers
to store in our DB), about a year and a half ago the techie guys asked us to
use the other "classic" system, where the users have to pick one question in
a group of questions (pet's name, mothers maiden name etc.) This way we
would have to store only a few questions (about 5).

And so we made it.

When we tested this feature some months ago, we discovered that NONE of the
users have understood how this was supposed to help them. They made comments
like "none of these questions could be answered with my password", or "I
don't have a pet, how I'm I supposed to answer this?".

They simply weren't able to understand the logic of the recovering system.
They couldn't abstract and understand that they would be asked a question
just to assure their iddentity, to prevent others to change their password.

So, at this point some people around are just saying "let's remove this
recovering system"...and this could be a real problem in granting some
secure enviroment to the website...anyone could change others passwords just
giving someone else's login, full name and other stuff.

Me and my staff - HCI people - are very concerned with this. We know that
some kind of recovering system must exist, and we know that both systems we
have used before are very difficult to understand - users simply don't
understand what's going on, even when we had used some text beside the
fields to help understanding how the system works.

I found the previous discussion, and I'm comming back to this discussion to
ask if there is other solution to this problem. In the discussion, people
were concerned if the questions should be based on facts or based on
oppinions...but no one seemmed to be worried about the understanding of the
system itself! And our tests had proved that the major problem is exactly
understandig the logic of this kind of recovering system.

Any thoughts on this subject?
Thanks in advance!

cheers,


mauro pinheiro
----------------------
Globo.com : Criação
+55 (21) 2483.6597
<http://www.globo.com>

More information about the Sigia-l mailing list