TechQA.

Client does not want invalid logins to redirect

144 views Asked by At

I would like to ask this question to developers who have a good sense of design. I see that whenever a website uses a popup box for their login page, they will always post and then redirect to the next page whether it be content or a dedicated login page for an invalid login error.

I have a client who has been asking to cut out as much page refreshing as possible, including the login function. They would like to see the login error appear on the login popup box without a page refresh.

I have not noticed a web based businesses do this, so I'm wondering if there's a valid reason to avoid this. I personally think that a page refreshing allows users to recognize their input has been registered and the next page appearing will be a solid response to their action either good or bad.

Having no refresh and expecting the user to notice that some error text has appeared seems like a bad idea?

authentication usability
Original Q&A
1

There are 1 answers

2
gbr On BEST ANSWER

Notes

  • The question is most likely more appropriate for https://ux.stackexchange.com .
  • You can find a lot of stuff by searching "ajax logins" in a search engine
  • There already is this question that might indeed be a duplicate of this one. Since I was not sure and I had already wrote most of this answer before finding that I post it nonetheless.
  • The title ought to be changed to a question (maybe something like "Is it a bad idea to use ajax to return login errors?").

Actual Answer

In my opinion ajax logins could indeed make less clear whether there really has been a successful interaction with the server or not.

Some ideas to improve it might be:

  • to include the time of the login request in the error message
  • to explicitly assure in the error message that the credentials have been received and checked
  • to be sure that this error does indeed only occur after the credentials have been determined to be not valid (and not because of problems with scripts or the network, for example).
    A good way to ensure this might be to have the server always send the full text of the error, rather than a code that selects a message stored in the page source (and to be careful its caching).
    This becomes relevant only after the user has been using the site for some time, of course (and has incurred in the error and verified that it was indeed due to a mistake on his part).
  • to use some animated feedback to highlight the dispatch and the reception of the reply to the user. As with the text you should ensure that the animations do not give (too) incorrect indications.

Basically these suggestions would be applicable to any ajax form entry, but they are more important for logins because:

  • in this context it's a lot easier to make typing mistakes (in the typing of the password)
  • and mistakes have a drastic, immediate annoying outcome: the inability to authenticate and the necessity to input again the entire password

And so uncertainties on whether the input has really been received and processed are a lot more bothering.

All in all anyhow it's pretty complex to do this well, with both an appealing appearance and a reassuring feedback.

The ones ajax logins that I've incurred into did not do a good job (I think I have indeed experienced false login errors with them).

You can find several ajax login frameworks/plugins by searching for "ajax logins". I have not looked into any of them.

Related Questions in AUTHENTICATION

Related Questions in USABILITY

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions