[2.5] Present an error message that disallows the use of Incognito with the BTS wallet #364
Comments
|
I think this write-up explains the problem pretty clearly. Do we have a way to immediately inform users that they cannot use incognito with the BTS wallet? This should be a priority bug IMO. |
wmbutler
added
[3] Bug
|
The banner can be much like the one we use to display unsupported browsers, but users should not be able to bypass it. |
wmbutler
changed the title
wmbutler
changed the title
|
strange, recently used incognito to sign-up a test acc on OL, no problems. |
|
Incognito won't keep localstorage. Huge problem that I don't believe can be overcome. @svk31 ? |
|
Right, it's the localstorage and database storage that make it not suitable. It still works fine with password model logins and to create new accounts, but nothing is stored for the next time you open the browser. |
|
Should I UX this? |
|
|
|
it does support incognito though. you can sign-up and login, I do it all the time |
|
ok, will you take the full time support job of answering people's questions when they don't understand why it breaks due to non-persistent localstorage? |
|
first of all, this is neither a bug nor high priority, if you want to start arguing. seconds, move to account model only on registration would ease a lot of support requests and make this issue obsolete too. |
|
Increased bounty to 2.5 hours. |
wmbutler
changed the title
|
I don't think that original error has anything to do with incognito mode, seems like it's a faucet issue maybe. Without a console log it's hard to say. Account creation works fine in incognito mode if you use the password model like the @btsfav says, and it's quite nice to be able to use it that way. If you insist on having a message like this I suggest we provide a way to say "OK I understand, let me continue anyway".. |
|
@svk31 There are other features which do not work in other browsers in incognito mode. Firefox was very buggy. If all of you agree on a button I can add it. |
|
We only officially support Chrome so you don't have to worry about Firefox. I've just successfully created an account in incognito mode in Chrome so there's nothing to indicate there's an actual issue here. |
|
incognito mode should stay available, but a warning and backup reminder would be good. |
|
Updated to include a dismissable warning...
|
|
We are not giving appropriate credit to how damaging this issue is to users who choose the wallet model. Incognito mode does not work for the wallet model. Steps to reproduce:
At this point, it appears to the user that they never imported an account. They have to repeat the entire process. I think it's irresponsible for us to allow users to use incognito mode. We gain nothing but support problems and scars to the bts reputation by allowing users to continue on this path. |
|
wallet model should be available for advanced users and not beginners. |
|
@btswolf why are you against it? I think your logic that wallet mode is only for advanced users is unfounded. To the contrary, I think that the wallet model is a much safer implementation than account mode. Account mode can be hacked with just a username and password. We are giving users a false sense of security by recommending it over wallet mode. |
|
@btswolf As is now implemented, there is no disabling or forbidding, only a warning |
|
Although I'm arguing that it should be disabled because there is no benefit to incognito mode. |
|
@wmbutler it's always security vs. usability. Incognito mode is great for troubleshooting and many people are using it for everyday browsing, "believing" it is more secure then non-icognito. Instead of disabling it the GUI could WARN if you try to import or create a wallet model. |
|
You didn't state a single benefit of incognito. Believing something is not the same as being true. I would suggest that in order to satisfy all of our users (wallet mode and account mode), that we disallow the use of incognito mode. There is no downside to this strategy because both wallet modes work properly. @calvinfroedge @svk31, I'm hoping you understand my reasoning here. Imagine the frustration a wallet user faces if they set up a new account and immediately lose it. |
Why would you allow a user to perform an operation that will, with certainty, disallow them access? Ths line of reasoning makes zero sense to me. We should not even present the wallet model if a user is using incognito. |
|
incognito allows for secure and traceless logout. |
I've seen this in the non-incognito mode as well, so incognito may not be the problem.
Troubleshooting without the need to clear real browser cache is a huge benefit for me. |
|
Let's approach this a different way. If Incognito is detected, redirect the user to this page only. This way, we do not present a breakable path to the user.
|
|
I've tried creating both wallet and account models in incognito mode. When I attempt to login with either of those accounts from a new incognito window, neither work. This is utterly ridiculous that we support incognito mode under any circumstance. Watch:
|
|
The BTS wallet simply does not work in incognito mode. If you disagree, please post screencast evidence to the contrary. NOTE: you must close the incognito browser and open a new one to test thoroughly. |
|
Change the text on the modal and remove the button. "This Bitshares Wallet relies on Local Storage which is not persistent with Incognito. Please launch a regular browsing session." Remove the "I understand" button. Pro users, can of course bypass this by hitting a registration endpoint manually. |
|
I did the same test and I agree that incognito is not working flawlessly and it should be not supported like other browsers are not supported too. But actually I only had to click the login button twice to get past the password error so it cannot be completely screwed. However all I want and other users too is the ability to use it, even if buggy and unsupported. A big warning that "it is not supported and by using it you risk the total loss of your account and funds" should do it. |
|
@svk31 observed the same and is looking into a bug fix. If he is able to fix it, I'll recommend only allowing account creation but disallow wallet creation. |
|
screencast of a full use in incog: https://vid.me/hlRlA |
This was brought to me by another user trying to create an account:
When creating new account here https://bitshares.org/wallet/#/create-account/password
he got stuck at the three dot animation screen after hitting the button. I replicated it as well immediately and took a screenshot.
tested on: 1) windows7, incognito-chrome 2) ubuntu 14 , chrome
The text was updated successfully, but these errors were encountered: