You are viewing a single comment's thread from:

RE: A New DAO is coming to Hive!

in HiveDevs2 years ago

Congrats on your work, I particularly like the clean look of your user interfaces.

Regarding your login process, using private keys should be banned! We have been making efforts to educate people not to use their private keys and there exist other easy-to-use authentication methods, either with a browser or on mobile, which allow authenticating in a secure way. I truly don't understand why application developers still propose using private keys!

Regarding the authentication process, why do it in two steps when it's possible to do it in one step?
I invite you to check how it is implemented, both on browser and on mobile, in a more simple and more effective way on Engage or peakd.

If you have any questions about this or if you need help, feel free to contact me

Sort:  

Thanks, our UI designer is doing a good job :)

The private key method is not the recommended one and we show the screen with the auth options first. The authentication process is one step, if you choose either Keychain or HiveAuth.

The private key option is optional, if for some reason you are not using the auth methods.

I'll talk with the designer to see what changes we can implement to encourage the auth options more and make the private key option less prominent, like making the button smaller or something.

I'll also take a look at Engage's implementation.

Thanks, I appreciate the feedback.

The private key method is not the recommended one [...] is optional [...]

It simply should be removed! I see no reason to keep it when safer alternatives exist.
Any app asking for a private key is a NO-GO for me!

I have never integrated this option in any of my applications and nobody complains about it.
As a witness, security should be one of your main concerns. Educating users about it too.

The option will be removed.

Glad to hear it. Thank you for considering my feedback.

FWIW, I "second" the opinion and advice of @arcange. Good to see you have wisely decided to accept it.

Interesting project. Now following, due to the reblog of this post by @vimukthi.

All the best to you both, for a better tomorrow! 👍