Closed Bug 1379581 Opened 8 years ago Closed 7 years ago

[Form Autofill] Make Phishing Warning accurate

Categories

(Toolkit :: Form Manager, enhancement)

Product:
Toolkit
Component:
Form Manager
Version:
56 Branch
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: aflorinescu, Unassigned)

References

Details

(Whiteboard: [form autofill])

[Description:] I believe we could have the phishing warning to be a bit more accurate. 1. We could have the current design be more accurate, throwing some ",.." at the end of the message: "Also fill in Company, phone, address, email, .." 2. Another thing that I'd like to suggest would be to change the entire warning message, since I think it will actually hold more value for the user: "Filling in (x fields): Company, phone, address, email, .." IMHO, telling the user how many fields are we going to fill in might hold more value than showing several fields. I also understand that space is of concern, so, I would trade a field in the warning for the fields counter.
(In reply to Adrian Florinescu [:AdrianSV] from comment #0) > [Description:] > I believe we could have the phishing warning to be a bit more accurate. > > 1. > We could have the current design be more accurate, throwing some ",.." at > the end of the message: > "Also fill in Company, phone, address, email, .." I don't see how adding an ellipsis is more accurate? What problem are you trying to solve with that? > 2. > Another thing that I'd like to suggest would be to change the entire warning > message, since I think it will actually hold more value for the user: > "Filling in (x fields): Company, phone, address, email, .." > IMHO, telling the user how many fields are we going to fill in might hold > more value than showing several fields. Hmm… either way the user is going to have to cross-reference with the page though… Could you elaborate more on why you think this is better? > I also understand that space is of concern, so, I would trade a field in the > warning for the fields counter. I'm not sure what you mean by this
Whiteboard: [form autofill]
(In reply to Matthew N. [:MattN] (huge backlog; PM if requests are blocking you) from comment #1) > I don't see how adding an ellipsis is more accurate? What problem are you > trying to solve with that? On a second thought, I think that actually adding ellipsis makes it worse, so let's ignore that part. Also, it might be that "accurate" is really a bad word in this context. > Hmm… either way the user is going to have to cross-reference with the page > though… Could you elaborate more on why you think this is better? The way I see it, the "accurate" solution would be to have the phishing warning list all the fields there (-not actually suggesting this-), but as we do it now, we only list 4, so when I fill in a regular form, it will auto-fill 7 fields and the warning will still show me 4 fields. As that happens once my brain already connects that the warning is mostly informative, with no other value. We shouldn't expect that today's (shopping) user will play with the auto-fill to spot how the warning is dynamically populated: the user opens the form, fills the form, moves on. So, by the time a possible phishing attack happens, the warning should be like a road sign on a route that you do daily: you know what is says, but you don't really pay attention to it anymore. Having a counter in the phishing warning just seems to me intuitively correct: the warning says 5 fields are filled in, I have 5 fields being filled, fine - but when I have only 3 visible fields... what's going on? - at this point my user antennas gonna get tingly. All in all, I say counting fields and comparing numbers is easier that reading and comparing labels. On the other hand, I also think that the counter warning message would also add clarity in the sense that not all the filled in fields are actually listed in the phishing warning message. >> I also understand that space is of concern, so, I would trade a field in the >> warning for the fields counter. > I'm not sure what you mean by this The counter message is slightly a longer string that the current one, so thought was that probably, if we chose to implement that counter version, instead of showing max 4 fields as we do it now, we will probably have to show only max 3 - which in my view would be a fair trade.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.