Have the possibility to have multiple accounts

[clenrock]

• Parent issues: #27

• Estimated effort: 5

• • *

User story

As a user I want to be able to use multiple accounts, so that I can send certain people one public key while I can send another to other people.

What

This adds an option to create multiple accounts and add these to the database. There are 2 ways we can implement this. The first one being 2 totally different accounts, with their separate contacts list. And the other being one account per app, but the choice of which public key to send before connecting to someone.

Why

This resolves the problem that people who use multiple public keys, at for example different computers, will also need 2 phones and two different apps to keep their key on.

How

The two main parts that need to be changed is in the database the ability to add new accounts to the account information file. In the app itself it should be possible to create a new account, and to select this account.

Definition of done

• [ ] Give the ability in the app to create an additional account
• [x] Modify the database to handle multiple accounts
• [x] Modify the database to easily add, delete and modify an account
• [ ] Give the ability in the app to choose a certain account (#200)

Notes

We need to make a decision about the problem described in the 'How' paragraph.

EDIT 4-5-17: Made changes by the suggestions from the comments

[ericcornelissen]

Seems like a good idea to me! 👍 I've got some questions tho.

First and foremost, I would suggest to change the name from "Accounts" to "Profiles", but I'm open to other suggestions (accounts just reminds me too much of a thing where you have to login...).

---

There are 2 ways we can implement this. The first one being 2 totally different accounts, with their separate contacts list. And the other being one account per app, but the choice of which public key to send before connecting to someone.

I dislike the first one very much, apart from the fact that a system like this could be useful when the app has to support multiple key-type but even then I would look for alternatives (e.g. possibility to sort by key-type).

The other suggestion you give I don't fully understand, "...one account per app..." seems like a weird proposal to me given the definition of an account...

However, I do like the suggestion of selecting the key before you start connecting to another device. I personally think this is the best solution for the user experience, since it prompts the user with the question (of what key to use) when it matters. This prevents situations where the user is almost all the way through the process of exchanging keys. only to find out that they had the wrong key selected.

Personally I would suggest to keep a single contacts list in which (if needed) it will be possible to sort by key-type.

This resolves the problem that people who use multiple public keys, at for example different computers, will also need 2 phones and two different apps to keep their key on.

I don't agree with this reasons. If you have multiple computers you can use the same key on all of them (however, our app would have to support the possibility to provide your own key pair, but that is a different issue).

The reason I would like to see this feature is so you can have different key-types (e.g. RSA and ed25519) between which you can easily switch.

The two main parts that need to be changed is in the database the ability to add new accounts to the account information file. In the app itself it should be possible to create a new account, and to select this account.

Don't you think it should be possible to modify/update accounts and delete accounts entirely? :wink:

Besides that, this is not just a database issue, other parts of the app have to take this feature into account as well.

---

Some final remarks:

• The estimated effort has to be specified in absolute terms (I believe, correct me if I'm wrong @jverbraeken)
• Can you make the Definitions of done a little bit more explicit? (e.g. specify how the account can be chosen in the app).
• Can you add the missing points under Definitions of done regarding, updating and deleting an account record.
• Also, I would like to ask @MrHug what he thinks of this feature 🙂

[MrHug]

:+1:

(I can respond in more detail tomorrow if required)

On Wed, 3 May 2017 21:58 Eric Cornelissen, notifications@github.com wrote:

Seems like a good idea to me! 👍 I've got some questions tho.

First and foremost, I would suggest to change the name from "Accounts" to "Profiles", but I'm open to other suggestions (accounts just reminds me too much of a thing where you have to login...).

There are 2 ways we can implement this. The first one being 2 totally different accounts, with their separate contacts list. And the other being one account per app, but the choice of which public key to send before connecting to someone.

I dislike the first one very much, apart from the fact that a system like this could be useful when the app has to support multiple key-type but even then I would look for alternatives (e.g. possibility to sort by key-type).

The other suggestion you give I don't fully understand, "...one account per app..." seems like a weird proposal to me given the definition of an account...

However, I do like the suggestion of selecting the key before you start connecting to another device. I personally think this is the best solution for the user experience, since it prompts the user with the question (of what key to use) when it matters. This prevents situations where the user is almost all the way through the process of exchanging keys. only to find out that they had the wrong key selected.

Personally I would suggest to keep a single contacts list in which (if needed) it will be possible to sort by key-type.

This resolves the problem that people who use multiple public keys, at for example different computers, will also need 2 phones and two different apps to keep their key on.

I don't agree with this reasons. If you have multiple computers you can use the same key on all of them (however, our app would have to support the possibility to provide your own key pair, but that is a different issue).

The reason I would like to see this feature is so you can have different key-types (e.g. RSA and ed25519) between which you can easily switch.

The two main parts that need to be changed is in the database the ability to add new accounts to the account information file. In the app itself it should be possible to create a new account, and to select this account.

Don't you think it should be possible to modify/update accounts and delete accounts entirely? 😉

Besides that, this is not just a database issue, other parts of the app have to take this feature into account as well.

Some final remarks:

• The estimated effort has to be specified in absolute terms (I believe, correct me if I'm wrong @jverbraeken https://github.com/jverbraeken)
• Can you make the Definitions of done a little bit more explicit? (e.g. specify how the account can be chosen in the app).
• Can you add the missing points under Definitions of done regarding, updating and deleting an account record.
• Also, I would like to ask @MrHug https://github.com/MrHug what he thinks of this feature 🙂

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ericcornelissen/NervousFish/issues/50#issuecomment-299018209, or mute the thread https://github.com/notifications/unsubscribe-auth/ADE2My6GlmRqw3-M2-swdD1ZGOgVHD0Jks5r2NxOgaJpZM4NP2Uw .

[ericcornelissen]

@MrHug, If you want to that would be great 😄

[MrHug]

However, I do like the suggestion of selecting the key before you start connecting to another device. I personally think this is the best solution for the user experience, since it prompts the user with the question (of what key to use) when it matters. This prevents situations where the user is almost all the way through the process of exchanging keys. only to find out that they had the wrong key selected.

I like this idea. I myself have several public keys (laptop, phone, desktop, windows on desktop, windows on laptop), so if you have the option to import keys, then I would also like the option to select what key I am going to exchange.

In fact, for the idea of "building a web of trust" it might be good if I could even give you keys of people I have met. I.e. Imagine I have the key of myself and user "Phoenix" and I meet user "Maya". She might be very interested in Phoenix's key as well, so she could get that from me. (The trust associated with Phoenix's key should be upperbound by her trust in me though as she has not verified this key with Phoenix directly. But other projects like the blockchain guys or the iban bank transfers guys can take care of that :P)

I am not sure about having to completely switch account... That seems like a lot of hassle.

[ericcornelissen]

In fact, for the idea of "building a web of trust" it might be good if I could even give you keys of people I have met.

This seems like a good idea to me as well. We had the idea ourselves as well, but have not yet had time to work it out to a formal issue 😄

I am not sure about having to completely switch account... That seems like a lot of hassle.

I agree, just selecting the key(s) you want exchange should be enough I imagine.

[TheBonheurs]

I think the why and the how points have been thoroughly examined and critiqued by the previous commenters, with which I agree. What I could add of value is the discussion in the what section about having accounts and what not. I think if you are a bit more tech savy , you can profit from importing different keys and being able to manualy change the key you are about to exchange, and thus not realy on accounts/profiles. But for the avarage Joe, who doesn't know what his public/private key is and is just relying on the app to provide him with that, especially if there are multiple people that have used the app on his device (meaning there might be multiple key pairs imported to/created in his device) it might be very hard for such a person to distinguish his own key, or even more abstract, deciding which key he wants to exchange. In such a setting, if I were that user, I would definitely prefer something with accounts/profiles where I can easily switch between key pairs assigned to some form of identification in order to find yourself as a user and directly have the right key or maybe a set of your own keys with clear distinctions so the user can make the proper choice. One thing is to maybe even filter contacts (only public keys) but that is a bit of off-topic.

[clenrock]

Thanks a lot for answering guys.

@ericcornelissen I agree that it would be better to have one app where multiple key pairs can be added. With accounts I meant that when logging in you can choose for 'account of Alice' or 'account of Bob', which are totally seperated with separate contacts lists and seperate keys. But having only one 'account' where multiple keys can be added would be nice. For your second point, in the issue I tried to give an example of when you have multiple keys. Because we only allow 1 key at the moment, you would need multiple apps when you want to use multiple keys. This problem can be fixed by the point above. Lastly, good point about the things that need to be done 😉

@MrHug Thanks for your response. I also agree that the ability to send public keys from your contacts list to someone would be a great addition!

@TheBonheurs Our target audience is more the tech savvy person instead of the average Joe, but your point still stands. We need to think through how we are going to implement it and how to make it as user friendly as possible. An example would be that you could easily give names to your own key pairs, like "email key pair" and "upload files key pair".

For @ericcornelissen and @TheBonheurs , do you think this issue is a 'should have' or a 'could have'. I gave the label 'should have' for now.

[TheBonheurs]

@clenrock From the specification of our app I think it falls under could have, but I'm actually with you on this one and think should have is the right way to go.

[ericcornelissen]

Our target audience is more the tech savvy person instead of the average Joe, but your point still stands. We need to think through how we are going to implement it and how to make it as user friendly as possible.

I think the best solution for the average Joe would be to not show him that there are multiple keys... By that I mean that if there is only one key in the system, the "select a key" activity (however that will be implemented) will simply be skipped as it doesn't apply. Only if the user goes into the settings and adds more keys, this activity becomes visible.

An example would be that you could easily give names to your own key pairs, like "email key pair" and "upload files key pair".

This seemed like a no-brainer to me, but its good have mentioned it.

do you think this issue is a 'should have' or a 'could have'. I gave the label 'should have' for now.

I think it should be a "should have" as well, so we'll keep it that way 🙂