Change the layout when you enter a password
No, you do not think, this topic is not about the punto switch and the like. Today I once again helped my friend enter a password from her mailbox. She simply assured that she introduces everything exactly as she did yesterday. Yes, it was so, only she introduced in the Russian layout, and the system, of course, swore.
On the basis of all this, an idea emerged.
Many of us are engaged in the development of websites and other portals, where an authorization system is often simply necessary. But at the same time, many users often enter passwords in the wrong layout. So maybe they still forgive it?
1. The user has entered the password: “ytsu”
2. The system hashed the entered one, compares it with the hash from the database, there is no match.
3. The system translates the entered password into the Latin alphabet (“qwe”), hashes, compares. There is a coincidence.
4. The user logs on to the site.
5. Pops up a message stating that the password was entered in the wrong layout, but the system has missed a kind and negligent user.
')
1. For many not very experienced users, this approach will save a lot of nerves.
1. System resources for "pledging" will be required more.
2. Security decreases (possible combinations of password entry becomes less)
There is already someone who needs to look at what is more important, and at what audience the product is being developed.
Similarly, you can discuss the idea with kapslok =)
Criticism, comments, suggestions?
On the basis of all this, an idea emerged.
Many of us are engaged in the development of websites and other portals, where an authorization system is often simply necessary. But at the same time, many users often enter passwords in the wrong layout. So maybe they still forgive it?
scheme of work
( we will allow the password of the qwe user )1. The user has entered the password: “ytsu”
2. The system hashed the entered one, compares it with the hash from the database, there is no match.
3. The system translates the entered password into the Latin alphabet (“qwe”), hashes, compares. There is a coincidence.
4. The user logs on to the site.
5. Pops up a message stating that the password was entered in the wrong layout, but the system has missed a kind and negligent user.
')
Pros:
1. For many not very experienced users, this approach will save a lot of nerves.
Minuses:
1. System resources for "pledging" will be required more.
2. Security decreases (possible combinations of password entry becomes less)
There is already someone who needs to look at what is more important, and at what audience the product is being developed.
Similarly, you can discuss the idea with kapslok =)
Criticism, comments, suggestions?
Source: https://habr.com/ru/post/50553/
All Articles