Closed dabura667 closed 9 years ago
We had it before but pulled it out, and instead, as soon as a passphrase is generated we make sure that people understand that if they lose their passphrase they lose their money:
The requested feature certainly has design and security implications. My attitude towards it is that we'll wait and see. If enough people request for it, we'll work on it :)
Ok, well instead of saying "If I lose my passphrase I could lose..." that message should be more clear that "THIS PASSPHRASE WILL NEVER BE SHOWN AGAIN, SO WRITE IT DOWN."
Also, a user who didn't know better might think "oh it's a website so I can just log in on a new device and enter my pin and I should have my wallet, right?" and not have the convenience of using the same wallet on desktop and mobile via web browser.
I think the feature can be a hidden one... but having the feature not exist at all makes it difficult to recommend to friends that I know are not the brightest. This is why I recommend maybe long press on a place that normally no one would long press, etc. as like a "hidden feature"
Edit: of course, using the hidden feature will prompt for the PIN and show a warning before showing the seed.
"THIS PASSPHRASE WILL NEVER BE SHOWN AGAIN, SO WRITE IT DOWN."
@dabura667 I like the language. We might downcase that.
@haustraliaer @jenbennings what are your thoughts on such "hidden features" UX wise?
I've spent some time this afternoon adjusting the copy/structure of this. This is what I've proposed in the latest commit (above):
@jenbennings Might I suggest making the text red?
or whatever the polar opposite on the color spectrum is to the yellowish background.
"I have written down or otherwise securely stored my passphrase" would be better because most people will likely not write it down, but digitally stored it in one way or another.
I would definitely want to be able to see the passphrase later on demand. I don't think there are any wallets that use seed phrases but only show them once and never ever again, there's just something scary about that... Of course we can hide it somewhere deep in the sidebar and ask for the PIN again before showing it.
Is there a way to show the seed in the java console?
@jsuder I'm counting on that "something scary" so that people actually save the passphrase somewhere. I don't want them to think "oh I can always save that later", then forget about it until one day they accidentally cleaned their browser cache.
@weilu If so, then I would say make the seed display box not selectable and then after checking the "I have written it down" button make the next screen require them to type it in.
Electrum does this, but it can be copied. However, the seed can be viewed any time with the password.
If you will never show it again, usability should be thrown out the window as long as we ensure that they have definitely written it down on paper.
Changing title of issue to "Remove ability to copy seed / Add seed check screen."
I don't think you should stay in this awkward limbo. Either force them to write the seed down, regardless of the clunkiness or click through rate, or give the user SOME option to display it in the future.
The current spec, no matter how much you red flag it for the user is not enough. They need to be forced to write it down.
Early on in the process we explored several ways in which we could dictate the auth process a lot more, however the feedback we received from users was predominately negative. For example, here is a prototype where we proposed that individual words of the passphrase would be displayed one-by-one. Conceivably the user would be prompted to enter the passphrase after this process, making it impossible to (as you say) not write it down. Ultimately this threw up too many roadblocks, and was counter to the idea that it is simple to set up a wallet.
Either force them to write the seed down, regardless of the clunkiness or click through rate, or give the user SOME option to display it in the future.
We have already discussed the ability to view your passphrase from within the wallet, so out of the two options, is much more likely to happen.
UX issue to be solved in Hive 2.0.
I think it is important to write down the seed, but some people may forget to write it down, and later want to export it to another device / make a backup of their hive wallet after creation.
What are your thoughts on this functionality?
Maybe call it "Show backup phrase", then show a warning message that says anyone who knows this phrase can use your bitcoins, then require PIN.
These features I am suggesting are geared more towards the "I want to verify what my app is telling me independently" type people. This might not be the audience, but these features should have some sort of non-intuitive way to enable them. (hidden advanced mode or long presses that are longer than most people would ever think to hold a button, etc.)