Tags:
create new tag
, view all tags
Login names should not default to WikiNames. They are confusing and overly restrict other parts of the system
Do you agree or disagree? Please select one of the radio buttons below and click the button.
I 1 - Strongly disagree   2 - Disagree   3 - am Neutral   4 - Agree   5 - Strongly Agree  


4 VladimirJirasek 12 Jul 2006  
4 VladimirJirasek 12 Jul 2006 Agree: Users usually already have their PC login names so it is easier for them to remember. Also LDAP integration helps to mitigate such confusion and enforces password policy.
2 MattWilkie 24 Apr 2005 disagree because asking people to have two names confuses them; I've had to explain the setup to new users several times, adding to the already strong impression that twiki is too geeky/techy for them. Adding to the confusion, the default generated login name and WikiName is exactly the same except for case (refering to DEVELOP). Better, in my opinion, to just make the login case-insensitive.
2 FranzJosefSilli 21 Apr 2005 Disagree till the mapping between the users login name and his wiki name is consistent all over (it still isn't in the latest SVN source (r4059)).
2 BivasMishra 21 Apr 2005 Is easier to remember and gives an authenticated identity of the user
5 SakthivelNayakan 12 Apr 2005  
5 ShandongHan 29 Jan 2005  
5 GillesEricDescamps 13 Oct 2004
4 RichardDonkin 13 Oct 2004
2 LynnwoodBrown 12 Oct 2004
5 MartinCleaver 12 Oct 2004

Do you agree or disagree? If neither, or I've missed something, please comment.

Reasoning

  1. Newbies dont grok WikiNames
  2. Users want something memorable
  3. Many users names are too long to use as login names
  4. Many users names are not latin1 compliant, and the only reason we force them to be is for the password system.
  5. Users want to be able to choose their login names!

Simple lowercase latin1 names are better

  1. All lowercase is simple, easy to type and easy to remember.
  2. People type their email addresses all the time; most have chosen a username
  3. Even email addresses could be long; user-chosen ones would be shorter.
  4. Email addresses are latin1 compliant; user-chosen ones could be forced to be too. Neither need affect the WikiName
  5. Knowing the login name is half the battle to hacking: hiding them would improve security.

-- MartinCleaver - 12 Oct 2004

My initial inclination is to disagree with you on this one Martin. The benefit of using WikiNames is that it reinforces the wiki convention of using actual names rather than handles. You may or not agree with that but I tend to like it. Supports/compliments transparency aspect of wiki.

Also, why are lowercase latin1 names better? If not WikiNames, why not just have it wide open? Either you'd have to explain WikiNames or lowercase latin1 names. Either one requires some explanation and you've not convinced me that the lowercase latin1 names are that much more obvious.

On a positive note, the increased security argument of not having the login name the same as displayed WikiNames does make sense to me. You whould add that to your "reasoning."

-- LynnwoodBrown - 12 Oct 2004

Latin1 names are better for login because its latin1 that is the constraint that drives htpasswd. Lowercase is better because newbies don't expect upper/lower case on login.

Their WikiName would still be used for referring to their home page. I would be MartinCleaver , but logging in as mrjcleaver. So it is just as transparent from other users perspectives. In fact, it is more correct because accents in surnames such as LpezGoi would remain: any Spanish person will tell you that '' is a different character to 'n'; the scheme I mention allows this person to log in as say "lopezg" yet be displayed correctly. If you are thinking that its not so different, or that it is a simple translation from n -> n or n -> ny, consider the following newsgroup posting:

>Is any possibilities (modules to use) to convert string from latin1 to
>US-ASCII charset and leave its contetnt as readable as possible.
>( eg. convert letters: ->i ;->u ; ->a etc. )
>Thanks

This becomes language dependend.  The double dot is an umlaut marker
in German and a tremma in French.  An umlauted wowel can be replaced
by the un-umlauted wowel followed by the letter e so  becomes ae,
 becomes oe,  becomes ue.  The wowels e and i never gets umlauted.

Tremmas, although they look the same, has an entirely different purpose
and shouldn't be treated the same.

Please do continue to give me reasons as to why you disagree, I heartily encourage this.

-- MartinCleaver - 12 Oct 2004

Back in the early days of the I18N work, I tested 8-bit ('Latin1') characters in WikiNames with Apache 1.3 and they don't work with Basic Authentication. Has something changed in Apache 2 perhaps? Even if it has, such I18N support would need to be configurable at installation time, separately from general I18N support, to enable installation on older web servers.

Also, email addresses cannot safely use 8-bit characters, which is why the I18N work did not change the email address recognition regex.

BTW, 'Latin-1' usually means TWiki's default ISO-8859-1 character set, but TWiki also supports a range of 8-bit and 16-bit character sets other than Unicode as the site character set. The comments above apply to 16-bit character sets but would require the concept of 'word' to be defined in that language, which doesn't really apply to ideographic languages such as Chinese and Japanese languages.

However, I generally agree with using lower case login names (e.g. jsmith), for the simple reason that this lets the user use the same username on TWiki and other systems. This has been a source of confusion with local users. For Intranet TWiki sites it would be good to encourage or even default to the use of login names.

Note that TWikiRegistrationPub now includes the login name as used in TWikiRegistration, though not as a mandatory field, which will help to ensure that login names are specified when registering and therefore work when logging in. No code changes needed IMO.

For more discussion/links on I18N, see InternationalisationEnhancements.

-- RichardDonkin - 13 Oct 2004

look at my WikiName: GillesEricDescamps. I'd much rather use my favorite login: ged. In the applications I build, I tend to rely on unix login names as they are like an SQL key: a short unique non-ambiguous way to describe a person. email addresses have the default of not being unique (ged@workPLEASENOSPAM.com, GillesEric@workPLEASENOSPAM.com, Gilles-Eric.Descamps@workPLEASENOSPAM.com)

-- GillesEricDescamps - 13 Oct 2004

This was completed as part of the RegisterCgiScriptRewrite. Happily, in DevelopBranch, your login name can be anything you like. This will be part of DakarRelease.

-- MartinCleaver - 29 Jan 2005

Please note that we put in the $doMapUserToWikiName for security reasons, it should be turned off for public sites. See SecurityAlertGainAdminRightWithTWikiUsersMapping.

-- PeterThoeny - 30 Jan 2005

FranzJosefSilli : it seems you agree in principle but have found an issue with the mapping. Can you give us a testcase please?

  • I had noticed on my setup that when I had logged in with my LoginName (fsilli) and did make some topic changes, that those topics were listed in WebChanges as being changed by Main.fsilli instead of by my WikiName (Main.FranzJosefSilli). I guess there could be other places too where the names may get mangled. Which name is used in RCS (the .txt,v files) to ensure consistent tracking of the changes made by someone? I don't have any concerns about the features themself, they are very usefull (especially for Intranets), but they have to work properly. Sorry that I can't provide a better testcase description. -- FJ

-- MartinCleaver - 22 Apr 2005

I find it sometimes confusing that I can't log in with my WikiName (on DEVELOP). Is there a way that both can be used?

-- ArthurClemens - 24 Apr 2005

The checkin I did yesterday changed the default LoginName to simply be the same as the WikiName - without the lowercase change.

Now it will only be not a WikiName if the user specifically changes it.

As for dual login, on HtpasswdUserDotPm, its a case of making a second entry into the password file and keeping it in sync with changes. Feel free to raise it as a new feature request - it could be an interesting project for a newbie to take on.

-- MartinCleaver - 24 Apr 2005

How do you change LoginName for a user after he/she has registered?

-- VladimirJirasek - 12 Jul 2006

Edit | Attach | Watch | Print version | History: r21 < r20 < r19 < r18 < r17 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r21 - 2006-07-12 - VladimirJirasek
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.