Overview
Syllabus
Building an Auth Experience for Humans
This is for making auth SUCK LESS.
15 Rules for User Sign In
Apply inline validation for the email field
Reset password should carry the email into the new form
Offer password reset on the third try
Send a password reset link
Allow password managers to capture the user login credentials
On mobile apps, allow users to use their on-device authentication to log in
Single Sign On (SSO) as a login option
Two-step authentication should be a norm for sites that contain sensitive information
Understand user's cognitive load for deeper navigation and design 'outs' for errors
Persistent login should be the norm for non-sensitive sites
Don't force the user to log in if, without login, the user can complete the journey
Upon login, if the user has items from a previous session, OVERWRITE IT!
Prompt account creation after the primary journey has been completed
Status links should not ask for logins (i.e. orders)
Abandoned Carts links should not prompt for login
Visibility of system status
Match between system and the real world
User control and freedom
Consistency and standards
Error prevention
Recognition rather than recall
Flexibility and efficiency of use
Aesthetic and minimalist design
diagnose, and recover from
Help and documentation
Cloud Identity is the house and the doorframe. You design the door.
Don't wait for a designer to take care of your users.
Taught by
Okta