FaceID is cool... but....


Mar 10, 2019
9
4
Ok, just played around logging out and in a few times. Wow, it's getting to be like magic.

This time Jeff's client asked me if I wanted to use Face ID. I said yes, and -poof- I was just on. This is exactly the kind of experience I think that will make SQRL catch on.

There may be a GUI issue though. After indicating you want to scan a QR code to login, a toggle appears (it looks like it's for some advanced stuff, so naturally, I want to diddle with it). However, Apple's facial recognition authenticator visual notification pops up over the toggle. And Jeff's client is so fast that I find I'm already logged in and the toggle switch I want to play with is already removed once the authentication indicator goes away.

FYI, it'd be nice if on the "Scan SQRL QR code" screen it showed which profile was in use (and maybe the QR code for it, so it'd be useful to replicate to other devices; underneath could be a "link" saying 'Switch Profiles' to go to somewhere to choose or create a new one).
 
Reactions: Fixed.Computer

Jeffa

Well-known member
May 20, 2018
133
49
Hi Walt,

This is mostly because I am experimenting with automatically using the biometric auth if the app has all it needs when it hits the logon page. I agree it's not right yet. I am struggling to get the correct balance.

You can toggle auto use of biometrics off in Settings.

I used to ask users to tap the Touch ID fingerprint to use biometrics, but many saw this extra step as irritating and unnecessary. As time goes on I am swaying back the other way. The "password" view has too many important jobs with SQRL for it to be dismissed automatically, even though in 95%+ of cases the user will just want to auth and move on.

As for the ability to choose a profile, I assume you mean an identity?

I am seriously considering removing the multiple identity support from the app altogether.
 

Steve

Administrator
Staff member
May 6, 2018
992
290
www.grc.com
I am seriously considering removing the multiple identity support from the app altogether.
Yay!!! That's music to my ears, Jeff. I think that would be a VERY good move. (Or perhaps find some way to DEEPLY bury it?)

Especially for a phone, which is very much a one-user device, I think that multiple identities are unnecessary and pose an unnecessary source of confusion and SQRL misuse.

I have them on my client -- and I'm NOT happy about it -- because the case was made that multiple people in a household might be sharing a single logon session environment. With website logons being sticky, that seems unlikely and inherently risky, but I was convinced.

However, I REALLY think that multiple SQRL identities, especially for a personal device like a smartphone, are (much) more trouble than they are worth.

That said, I do fear that some people might take strong offense to this (I'm sure we'll hear from some here). So I fear that not allowing them at all might open your app to criticism. Could you perhaps have a config page over under the "Settings" app, where multiple identities could be enabled, and perhaps also chosen and managed? I don't know enough about the layout of iOS apps... but could you move ALL of multiple identity management over there and completely out of the app?

And if you should decide to remove multiple identity support... you have my FULL support for doing so. I'm not happy to have it in my app since I'm very afraid that it's going to be misunderstood and misused. The whole POINT of SQRL is no longer needing to keep track of such things. And we have the "Alt-IDs" for additional ad-hoc identities.

One thought: Someone who, for some reason, insists upon having multiple identities with a single-identity SQRL client could simply keep two or more identity QR codes printed out in their wallet and import an alternative identity on-the-fly when they need to change the one that's loaded into their phone. That's a useful work-around for someone who claims to need more than one.
 

0.NRG

Active member
May 19, 2018
43
10
@Jeffa @Steve Perhaps the multiple identity feature should be paused/set aside for now. I agree it probably would not be used much, especially on a phone. Now, on an iPad that might be shared with more than one person, I think the issue is more murky. For years, we had an iPad that was shared with the family, especially multiple offspring. I am in fact looking at getting another (new) iPad for that sort of thing. It might not be a primary device for anyone, but might be used by multiple people at times. In that case, multiple identities would be nice.

That said, Apple allows multiple fingerprints for Touch ID, but not multiple faces/models for Face ID. So, multiple people using a new iPad could get tricky if trying to use anything more than an Apple ID and password along with a passcode.
 
Reactions: Walt Stoneburner

Gristle

Well-known member
Feb 16, 2019
341
70
I support 100% the removal of multiple identities.

I don't believe iOS settings will allow complex logic enough to support the entire identity management code, so my suggestion would be to have a toggle switch there instead "enable multiple identities? (Not recommended)" then your app could read that toggle and show or hide the multiple identity UI. I also feel the settings app is already sufficiently buried. I would bet most people here don't even know Jeff's client has options to play with in there, since it's not a common place to visit.

I think once SQRL is out in the open, it would make sense to just remove multiple identities altogether, but for testing, demoing, and evangelizing SQRL, it's very useful.

Re: multiple user iPad, I don't think the multiple fingerprints and faces was intended as a workaround to enable multi-user support. I would argue that if multiple people have the login credentials to a single user iPad, then from the perspective of the iPad and the SQRL client, they are the same person. I don't think it's fair to put the burden of discriminating multiple users onto the SQRL client when that really should be the operating system's job.
 

PHolder

Well-known member
May 19, 2018
918
124
remove multiple identities altogether
No one has yet explained to me how they intend to handle a situation where they want (or need) an identity for home and a different one for work. I think this would, or will, become very common. It would be great if every company gave you company only resources, and if every employee only used said resources for company operations, but we know this to be false. If I want to quickly check the company email on my iOS device, it should be possible without having to do anything more complex than telling SQRL that temporarily "this is my work personality."
 
Reactions: 0.NRG

Gristle

Well-known member
Feb 16, 2019
341
70
Yes, that's a good point. It would suck to keep re-importing each time you switch contexts.

It also occurred to me that I have multiple logins for lots of sites. Take gmail, for instance. How would SQRL work if I have 4-5 different logins to gmail.com if I have only one SQRL identity?
 
Reactions: 0.NRG

Dave

Well-known member
May 19, 2018
388
73
Gardner, MA
That's precisely where alternate identities come in. You could use any text you want as an alternate id string, which results in a completely different SQRL identity that is effectively entirely unrelated to your regular one. You could have your default one (empty alternate id string) and "work" or "2" or "not me".
 
Reactions: Walt Stoneburner

Steve

Administrator
Staff member
May 6, 2018
992
290
www.grc.com
@0.NRG and @Thayne : As Dave said, this is EXACTLY why we have Alt-IDs. Alt-IDs are "lightweight" forks of a user's primary identity. They can be either Ad Hoc or permanent. In @PHolder 's case, a user would have their own primary identity... and would use "corp" or "c" or whatever as their Corporate identity. It is possible to create synthetic use-cases where multiple identities are required. But they are synthetic. And no one is saying that multiple identities should never exist, only that they must not clutter up the UI and the user's experience. Arranging to bury them will be just fine.
 
Reactions: 0.NRG
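
Added example (not part of any post in this thread, and not code from any SQRL client): a simplified Python model of the Alt-ID behaviour Dave and Steve describe above, where a single identity yields an unrelated per-site key for each alt-ID string. It assumes SQRL's HMAC-SHA256 per-site derivation keyed by the identity master key; the NUL separator, the lower-casing, the function names and the sample key are assumptions of this sketch.

```python
import hashlib
import hmac

# Constructed sample value, NOT a real identity master key.
SAMPLE_MASTER_KEY = bytes(range(32))


def site_seed(master_key: bytes, domain: str, alt_id: str = "") -> bytes:
    """Return the 32-byte per-site key seed for (identity, domain, alt-ID).

    Model: HMAC-SHA256 keyed by the identity master key over the site's
    domain. Appending the alt-ID after a NUL byte is this sketch's assumed
    encoding; it keeps ("gmail.com", "x") distinct from ("gmail.comx", "").
    """
    if len(master_key) != 32:
        raise ValueError("master key must be 32 bytes")
    if "\x00" in domain or "\x00" in alt_id:
        raise ValueError("NUL is reserved as the separator")
    message = domain.lower().encode("utf-8")
    if alt_id:  # empty alt-ID string == the default identity for the site
        message += b"\x00" + alt_id.encode("utf-8")
    return hmac.new(master_key, message, hashlib.sha256).digest()


def site_identities(master_key: bytes, domain: str,
                    alt_ids: list[str]) -> dict[str, str]:
    """Map each alt-ID label to the hex seed the site would be keyed on."""
    return {alt or "(default)": site_seed(master_key, domain, alt).hex()
            for alt in alt_ids}


if __name__ == "__main__":
    # Several logins at one site from a single identity, no re-importing.
    logins = site_identities(SAMPLE_MASTER_KEY, "gmail.com",
                             ["", "work", "2", "not me"])
    for label, seed in logins.items():
        print(f"{label:10} {seed}")
```

Nothing extra has to be stored or backed up per alt-ID: the same master key and the same string always reproduce the same seed, while a different master key (a separate identity) changes every seed at once.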

PHolder

Well-known member
May 19, 2018
918
124
In @PHolder 's case, a user would have their own primary identity... and would use "corp" or "c" or whatever as their Corporate identity.
@Steve:

This will not work. I don't want to insult you, but perhaps you don't understand that a corporation is its own legal entity. There WILL be occasions where a corporation will want its own legal identity that belongs to no one, but is loaned to a corporate employee. (Say a person who is hired for social engagement required to post to the corporate Twatter and FaceBroke accounts.) Yes I know MSA could solve this, if the site implements it (they may not want to for their own reasons, such as knowing that the one ID is one and only one person, aka "True identity" or whatever they call that process that gives people extra verification and check marks, etc.) (And yes I know it could be argued that that is wrong... and on and on and on...)

What I am saying is simply this: If you don't want to be a block to your own success, stop being so obstinate about convincing the world the way they WANT to operate is wrong by preventing it in the UI. There are many, visceral, reasons why people will fight the concept that some piece of software is telling them they can't compartmentalize their life.
 

Carl

Member
May 19, 2018
15
5
I totally understand the inclination to try and make people use a device, an operating system, and a program in their intended ways - for users' own good, and to encourage "correct" usage and better security whenever this is possible. I get it. Not trying to "steer people in the right way" would be awfully painful - and there's definitely a very real risk that improper use would increase without such guidance.

Just please remember that it's not all about creating the THEORETICALLY BEST possible solution - it's also important that it works for people, and for how people use technology. For SQRL use to become widespread, it would probably be good if it were as close to a drop-in replacement of today's world of usernames and passwords as possible, and force as few behavioral changes and device usage changes as possible. Some changes will definitely be necessary, of course.

If a couple shares a computer, and never even logs out of their one shared computer (OS) account, and they are used to doing it this way, it would be in the interest of SQRL to continue to let both of these people easily log in to various sites. The same goes for that shared iPad (or similar Android device) that they have laying on the table by the TV (and primarily use to cast Netflix from :)). Maybe an iPad doesn't get used AS much to log in to different sites, but I know that I would not be too happy if my wife had her SQRL identity installed there and I had to get up and go look for my phone to use that to complete the login on the iPad that I wanted to do...

As I've mentioned before when this discussion came up a few years ago, the above example (with the shared computer account and shared Android tablet) is exactly how we have it in my family, and no, no matter how primitive and "wrong" this might sound, we are not about to change anything about that (getting personal tablets or separate computer accounts). And the further you step away from forums with "best practices" computer programmers/enthusiasts, the more common you will find this device/account sharing to be, I believe. Maybe it's a Swedish thing (what do you say @kalaspuffar ?), because I feel like I see it all the time here - even with friends from Chalmers (technical university) that are married and have a family. Maybe it's a socialist thing? :)

Anyway, as always, I guess it's about finding the right balance (in this case: the balance between guiding users, and strong-arming them). I hope a good balance will be found here too.
 
Mar 10, 2019
9
4
I am seriously considering removing the multiple identity support from the app altogether.
My vote would be not to remove it, but allow them in some advanced mode.

The normal use case is that an end user is going to have one identity, and that's that.

However, there are cases where you do want multiple identities. The first is when you're developing a system with SQRL in mind, you likely want to be able to make various test accounts to validate things work as you like. It's unrealistic to assume one has that many spare phones around.

The second involves those cases where some of us have a need to keep our work and personal lives separate, or a desire to keep our activities compartmentalized. e.g., I use a different AWS identity for myself than when I am working for work or a client. I don't want my wife's Amazon recommendations appearing in my lists. I've got multiple Steam accounts for historic reasons. I imagine that people have multiple social media accounts as well, often one for personal and one (or more) for business.

(Steve, the solution -- though you may have already addressed it {I'm new here} -- is that a person has one identity and multiple roles.)
 
Reactions: Hzy
Mar 10, 2019
9
4
Especially for a phone, which is very much a one-user device, I think that multiple identities are unnecessary and pose an unnecessary source of confusion and SQRL misuse.
Wanted to point folks to the resource "Falsehoods Programmers Believe About Phone Numbers," and while this discussion thread isn't about phone numbers, and the resource is far more comprehensive than just phones themselves. True, while I think Apple and Google would like to treat a phone as a one-user device (and it may be for many), for a non-zero non-trivial amount it's a shared resource [e.g., with family and friends].

But at the same time, because of cost and convenience, I neither have a work cell and a personal cell; the one device has to act as both roles.

Incidentally, the way 1Password resolves this nicely is to have "individual vaults" (each password protected). One device, one app, multiple roles/users.

I just want to make sure that we don't dismiss a use case prematurely that may be an important need to some and verging on pointless for others.
 

kalaspuffar

Well-known member
May 19, 2018
269
91
Sweden
coderinsights.com
And the further you step away from forums with "best practices" computer programmers/enthusiasts, the more common you will find this device/account sharing to be, I believe. Maybe it's a Swedish thing (what do you say @kalaspuffar ?), because I feel like I see it all the time here - even with friends from Chalmers (technical university) that are married and have a family. Maybe it's a socialist thing? :)
Well, if you are married you share everything ... right? :)
 
Reactions: Hzy and Carl

PHolder

Well-known member
May 19, 2018
918
124
There are many, visceral, reasons why people will fight the concept that some piece of software is telling them they can't compartmentalize their life.
Perhaps I didn't spell this out as clearly as I might have otherwise... so I will put forward another example. Some people have "secret lives". For example, if a porn site were ever to allow SQRL for login, they might well want to keep that use case 100% separate from their more mundane parts of life. (I actually started to spell out a friend's story in regard to this, and thought better of it... in his case it is very complicated and personal.)

... I can't state it any more strongly: there are very real reasons why people will not want everything in their life all wrapped up in one identity.
 
Reactions: Hzy

Steve

Administrator
Staff member
May 6, 2018
992
290
www.grc.com
That's not a useful argument/example, Paul, since our existing Alt-ID facility fully supports compartmentalization.

The best argument you've offered so far is the idea of a third party giving someone an identity for them to use and share. That's the best argument, I think.