The very first NIM password prompt -- customer feedback needed.

[Russ Allbery]

"Kevin Koch" <kpkoch at mit.edu> writes:

> MIT support staff believe that users will try to obtain credentials and
> fail, whenever the Windows username isn't the same as the Kerberos
> username.

I believe this is at most a problem with users who have never used NIM
before and will go away as soon as they've seen it a few times.

> Has there been any other user feedback about the password prompt dialog?

> I propose improving the user understanding of the password prompt dialog by:

> . Adding a line of explanation, as in Leash, above the Username line:
> "Enter your Kerberos password."
> . Restoring this Leash behavior: initialize the Username text entry field to
> blank.
> . Changing the text "Username" to the left of the text entry field to
> "Kerberos\r\nUsername."

I'm taking a bit of a stab in the dark here since I'm not a day-to-day
user and may miss some subtleties of the interaction, but at least from
the screenshots that I've seen and from this analysis, I think this is a
bad idea.

Jeff's analysis is correct for Stanford University: "Kerberos" as a label
is likely to be confusing to our less technical users.  We use an internal
branding of "SUNet ID" for a variety of reasons and many users don't know
and don't care what authentication technology is behind it.

I could see the utility of a more general branding mechanism wherein we
could prompt for SUNet IDs, other people prompt for Net IDs, and so forth.
But just hard-coding Kerberos is a step backwards.  The current behavior
is superior to that.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>