
12. "Don't Lock Me Out"

Some Web sites offer different access to different users. In other words, some customers can get at some information while others can't. The users who can get at this privileged information will have to identify, or authenticate, themselves to gain access.

Customers don't always react positively to this, wondering what lies behind those magic doors and why they can't get at it too. This negative reaction is greatest when the Web site doesn't explain what the different privileges are or doesn't give customers equal access to the parts that should be available to everyone.

Figure 2-6 Too many homes.


Badly placed and poorly explained authentication

A customer of a consultancy company goes to its Web site to find out what research it has done lately. The home page does not offer any obvious links to research, but there is a navigation bar that offers "Client" as an option. Being a client, the customer clicks on "Client" and gets a screen asking for a login id and password. Well, the customer doesn't have a login id or password. There is no explanation as to who has access here or how they go about getting it. The customer then notices a search option in the navigation bar.

Selecting search brings up the same screen as before, just a request for a login id and password. The customer thinks, "Hang on a minute, why can't I search the site to find out about your research, why are you locking me out?" The customer surmises that the search probably relates only to the "locked" information and not to the site in general.

The customer decides to try another route. They go back to the home page and select "Products and Services." This brings up information including mention of an article on one of the consultancy company's recent research studies. The customer thinks, "Aha, I can find out what this research is here." They select the link to the article and get the same screen again, just a request for a login id and password. The customer thinks, "I just want to read the damn article!" By now the customer has decided that they're not going to get the information they want. They grab the phone and call their consultant, demanding to know why they aren't allowed to see the consulting company's research. It turns out that all the customer had to do was register, but they didn't know that. It's some time before the customer goes back to attempt to find, or complete, the registration process.

The sequence the customer goes through is shown in Figure 2-7.
