#but i am going to probably implement a password rule now too
Explore tagged Tumblr posts
Visit Tumblr Blog
Explore Tumblr blogs with no restrictions, modern design and the best experience.
Last Seen Tumblr Blogs
shapebyshani-blog
Personal Trainer
6 posts
sevengraces09
SevenGraces
492 posts
french2cuck
French Beta Looser
35 posts
yuckyfreakk
yuckyfreak
17 posts
mei-ashiya-cum
芦屋芽依.cum
47 posts
Fun Fact
Celebrities use Tumblr as well.
clickonmedotexe · 16 days ago
Text
Another small reminder:
Mun =/= Muse. I am not Rex and Rex is not me. And what I do with Rex is not a reflection to how I feel about you or your character personally.
Mind the warnings. I have put a list of warnings on this blog to make sure everyone is on the same page of what you might expect roleplaying with Rex.
Do not godmod. I am the only person who decides what happens with Rex. I am generally very lax with letting Rex get hurt or killed (if its in a way that he can come back from) but I expect to be asked first every time, unless I specifically give you the go ahead otherwise.
#the admin#looking back at my rules i really beat the whole HERE IS WHAT NOT TO DO to death i dont know how i can make it any more clearer#like i am one step away from forcing everyone to conduct a job interview with me and sign a legal agreement that they really DID read rules#but i am going to probably implement a password rule now too#to be extra EXTRA clear of how much you need to read the terms of use#terms of use
5 notes · View notes
t-baba · 4 years ago
Photo
Tumblr media
Create a Contact Form in PHP
No matter what type of website you own or manage, you probably need a contact form. The contact form can help your visitors request a quote, ask for information, or share any tips or problems they're facing while using your website.
In this tutorial, our focus will be on creating a fully functional contact form in PHP from beginning to end. We will begin with the markup of all the fields that we need to add and the basic styling of the contact form. After that, we will move on to the PHP code to implement its functionality.
Of course, the easiest way to create a contact form is to download a professional contact form script from CodeCanyon.
PHP
18 Best Contact Form PHP Scripts for 2020
Monty Shokeen
But if you want to learn about how a contact form is created, read on! It might just be easier than you think.
Markup of Our HTML Contact Form
The first step towards creating our own contact form is to code the markup. We will start doing that once we have a list of all the elements that we want inside our form. We'll need an input field for the name of the person who is contacting us, and we'll need a field for their email address so that we can send a reply back to them if the need arises. We'll also need an input field for the reason people are contacting you and a textarea where users can type their message.
If the website you are managing is very popular, you'll be getting a lot of emails through the contact form. To make sure that the right people get to read those emails and respond quickly, you need a couple more fields. For instance, you could add a field that can determine which department the visitor wants to contact like marketing, support, or billing. This information can later be used to route the email appropriately. Ultimately, that might help you reply more quickly and sort the emails more efficiently.
How many fields you add to the contact form depends on the type of website you run, but make sure you don't overdo it. Forcing visitors to fill out too many details might discourage them from contacting you altogether.
Let's write the HTML code to add all the fields I just mentioned into our contact form.
<form action="contact.php" method="post"> <div class="elem-group"> <label for="name">Your Name</label> <input type="text" id="name" name="visitor_name" placeholder="John Doe" pattern=[A-Z\sa-z]{3,20} required> </div> <div class="elem-group"> <label for="email">Your E-mail</label> <input type="email" id="email" name="visitor_email" placeholder="[email protected]" required> </div> <div class="elem-group"> <label for="department-selection">Choose Concerned Department</label> <select id="department-selection" name="concerned_department" required> <option value="">Select a Department</option> <option value="billing">Billing</option> <option value="marketing">Marketing</option> <option value="technical support">Technical Support</option> </select> </div> <div class="elem-group"> <label for="title">Reason For Contacting Us</label> <input type="text" id="title" name="email_title" required placeholder="Unable to Reset my Password" pattern=[A-Za-z0-9\s]{8,60}> </div> <div class="elem-group"> <label for="message">Write your message</label> <textarea id="message" name="visitor_message" placeholder="Say whatever you want." required></textarea> </div> <button type="submit">Send Message</button> </form>
Before proceeding any further, I would like to quickly summarize the meaning of some important attributes in the above markup. The action attribute in the form determines where the form data needs to be sent. If you don't have an action attribute, the data is sent back to the same URL. Here we've used contact.php, so the form data will be sent to that script.
The name attribute for different input elements in the form is used to access the element values on the server side. For example, in the above form, you can get the name of the visitor contacting you using $_POST['visitor_name'] in contact.php.
We use the placeholder attribute to give users a basic idea of the expected input for each field in the form. The required attribute ensures that no important field is left blank before the user hits the submit button on the form. 
The pattern attribute is used to enforce some rules on the kinds of values that can go inside certain fields. In our case, we only allow users to use letters and the space character in the names they submit. We also limit the total number of acceptable characters to anything from 3 to 20 inclusive. The pattern that you use will depend on the type of input that you want from users.
The following CodePen demo shows us what our contact form looks like with the above markup and a little bit of CSS.
Making Our HTML Contact Form Functional Using PHP
Right now, our form doesn't do anything useful. Visitors can fill it out and hit the send message button, but we won't receive anything because there is no server-side code to handle the information provided by the form. In this section, we'll make our contact form functional using PHP.
Begin by creating a contact.php file and putting the following code inside it.
<?php if($_POST) { $visitor_name = ""; $visitor_email = ""; $email_title = ""; $concerned_department = ""; $visitor_message = ""; $email_body = "<div>"; if(isset($_POST['visitor_name'])) { $visitor_name = filter_var($_POST['visitor_name'], FILTER_SANITIZE_STRING); $email_body .= "<div> <label><b>Visitor Name:</b></label> <span>".$visitor_name."</span> </div>"; } if(isset($_POST['visitor_email'])) { $visitor_email = str_replace(array("\r", "\n", "%0a", "%0d"), '', $_POST['visitor_email']); $visitor_email = filter_var($visitor_email, FILTER_VALIDATE_EMAIL); $email_body .= "<div> <label><b>Visitor Email:</b></label> <span>".$visitor_email."</span> </div>"; } if(isset($_POST['email_title'])) { $email_title = filter_var($_POST['email_title'], FILTER_SANITIZE_STRING); $email_body .= "<div> <label><b>Reason For Contacting Us:</b></label> <span>".$email_title."</span> </div>"; } if(isset($_POST['concerned_department'])) { $concerned_department = filter_var($_POST['concerned_department'], FILTER_SANITIZE_STRING); $email_body .= "<div> <label><b>Concerned Department:</b></label> <span>".$concerned_department."</span> </div>"; } if(isset($_POST['visitor_message'])) { $visitor_message = htmlspecialchars($_POST['visitor_message']); $email_body .= "<div> <label><b>Visitor Message:</b></label> <div>".$visitor_message."</div> </div>"; } if($concerned_department == "billing") { $recipient = "[email protected]"; } else if($concerned_department == "marketing") { $recipient = "[email protected]"; } else if($concerned_department == "technical support") { $recipient = "[email protected]"; } else { $recipient = "[email protected]"; } $email_body .= "</div>"; $headers = 'MIME-Version: 1.0' . "\r\n" .'Content-type: text/html; charset=utf-8' . "\r\n" .'From: ' . $visitor_email . "\r\n"; if(mail($recipient, $email_title, $email_body, $headers)) { echo "<p>Thank you for contacting us, $visitor_name. You will get a reply within 24 hours.</p>"; } else { echo '<p>We are sorry but the email did not go through.</p>'; } } else { echo '<p>Something went wrong</p>'; } ?>
We have already done some client-side validation of user input. However, it's always safer to do server-side validation as well. We use the filter_var() function to sanitize the name provided by the user. In a similar fashion, we also sanitize the value of $email_title and $concerned_department. You can use the filter_var()function to validate or sanitize all types of user input. We also use the htmlspecialchars() function to encode all the special HTML characters in the visitor message sent to us.
The value of $recipient is based on the value of the variable $concerned_department. This way, we make sure that only people who are actually supposed to look into the matter receive the email.
Also, we've used the $email_body variable to format the email body which will be the main content of the email. As we are sending an email in the HTML format, we've used HTML to format the email body content.
Finally, we use the mail() function to send an email which includes the information the visitor wanted us to know. Upon successful delivery of the email, we let the visitors know that we have received their email and that they will be contacted soon.
Security is paramount when you are dealing with user data or input. Whether you should validate or sanitize the user input depends on what the input is and how you want to use it. Validation simply checks if the user input follows a certain set of rules. For example, validation could check that the name of a person does not contain any numbers. Sanitization is used to remove any offending characters that pose a security risk. For example, a malicious user trying to contact you through the form might add a script tag in the textarea to get you to download a harmful script. This is particularly worrisome when your website has public forums accessible by everyone.
However, you have to be very careful when getting rid of unwanted characters in user input. For example, you might decide to use filter_var($user_input, FILTER_SANITIZE_STRING); on some input to strip all tags and encode special characters. However, this flag also strips harmless character input by legitimate users. Here is an example:
<?php $string = 'One of your posts about inequalities mentioned that when x < y and y < z then x < z.'; // Output: One of your posts about inequalities mentioned that when x echo filter_var($string, FILTER_SANITIZE_STRING); // Output: One of your posts about inequalities mentioned that when x < y and y < z then x < z. echo htmlspecialchars($string); ?>
If your website has a lot of maths-related topics, it will be relatively common for users to write < or > in contact forms or forum posts. Using the FILTER_SANITIZE_STRING flag with the filter_var() function will strip necessary information from the message in this case.
The point I am trying to make is that even though you should always validate or sanitize user data, make sure that you are not stripping away crucial information in the process.
Final Thoughts
Creating a basic contact form in PHP is pretty simple. You begin by writing the HTML needed to create input elements for information like the user's name, email address, phone number, etc. The next step is writing CSS to make sure the contact form blends in perfectly with the rest of the website. The final step involves writing the PHP code that will take the information from the contact form and securely mail it to you.
The aim is to make sure that different form elements are laid out in a way that does not confuse people and the user input is sanitized and validated before you mail it to concerned parties. If all this is new to you or if you don't want to spend a lot of time creating a professional-looking contact form, you should definitely check out these top-rated contact form PHP scripts.
If you have any questions, feel free to let me know in the comments. My next tutorial will show you how to implement your own CAPTCHA to help keep contact form spam in check. 
If you're interested in professional-quality PHP form scripts that you can start using on your site today, check out some of our other posts.
20 Best PHP Email Forms
PHP email forms have many uses. While some may need a basic contact form, some need forms to collect more data. For example, you might be creating a website...
Esther Vaati
29 Jun 2020
PHP
18 Best Contact Form PHP Scripts for 2020
Are you looking for an easy-to-use contact form PHP script? Contact forms are a must-have for every website, and with 14 premium scripts from CodeCanyon and...
Monty Shokeen
29 Jul 2020
PHP
19 PHP Login and Registration Forms to Download
By downloading a PHP login and registration script, you can add a registration form to your website that will be secure and look good.
Daniel Stern
16 Apr 2020
PHP
by Monty Shokeen via Envato Tuts+ Code https://ift.tt/330edVg
#CSS3#HTML5 Branding#HTML5 Weekly#HTMLl5 demos#Javascript#Javascript Branding#Javascript Weekly
0 notes
kevinasisart110fall19 · 5 years ago
Text
E - Extra Credit - Feedback
What did you think of the format of the class? To begin with, interesting to be sure. I’m a big fan of the way you eased us into the activities rather than starting all gungho right from the start. Starting with the art galleries surprised me, but I’m glad that I presented fairly early on rather than having the option to and surely procrastinating to this moment in time when I have other projects and things going on. The whole one idea about art a week thing is something I find particularly enjoyable, although it would have been nice to hear you talk about and explore the ideas on both days rather than just one.
What did you think of making & presenting your Art Gallery? Making the art gallery was rather interesting, I was pleasantly surprised to learn about someone whose work has been prevalent all throughout my life in the form of Best Buddies and Andy Haring who I never even knew about. Presenting the art gallery was actually more fun that making it, but I honestly do wish that I got a few more questions because Andy Haring is such an interesting guy. Working with Wix again has also got me thinking about how to use the website for personal purposes like I did way back in High School.
What did you think of visiting the SOA Art Galleries? I loved visiting the SOA art galleries and talking to the artists, but I really disliked the crowds that we went with. I understand the limitations with the class and the need for everyone to ask the same questions in the same time frame. I also understand that if I feel that way I should simply go at another time to ask my questions and get the responses that I want but that is just the way I feel about it at that moment. It was fantastic going out there and talking to those very interesting people seeing their passions spilling out onto the page. I am also glad that I have access to the social media and contact information of artists who I find I vibe with or whose work I especially enjoy since I can follow and message them on my own time!
What did you think of the weekly Art Activities? Rather interesting and counter intuitive(in a good way!) to me. As an engineer I am often given concrete steps and concrete answers for my work but the open-ended nature of these activities really work as a way to foster creativity. I often ended up resorting to my “strength” of making a picture or a digital painting but on the off days where I adventured outside of my comfort zone it was really rewarding and fun! That being said, the open ended nature of the activities can be scary. I can’t tell you how many times I have been paralyzed by choice only to waste minutes and hours and seconds trying to decide on what to do. It’s good that you offer options in class and on the website like suggesting a painting but I think it would be cool to maybe have a theme of the week? Even if it’s one word or one phrase, like from a random prompt generator so that we can all see different expressions of the ideas brought on by the same originator. 
What did you think of the “7 Ideas about Art”? Seven ideas about art... Abstraction, identity, speech, free speech, architecture, images, and remix. In this class I have learned so much and had my narrow mind widened in the few minutes per week I have spent listening to your explanations and explorations on these matters. I especially enjoyed your commentary on the whole “engineers are building their own replacements” that was hilarious and scarily true and awesome. My favorite activity was the remix activity. In a world where it seems almost everyone has done everything already, accepting the repetitive and cyclical nature of creations was refreshing and liberating. I am always worried in my Dungeons and Dragons games that I am being too cliche’ed or not being original enough to call it my story but as other Celebrity Dungeon Masters say: STEAL, steal everything and anything you can that you enjoy and apply it for you enjoyment. When you do that, you will end up creating something all your own: Synthesis, the end paragraph of every artist conversation.
How did you feel about using Tumblr for your blog? Well, at the start of the semester Tumblr was literally not working for me or my devices which left a really sour taste in my mouth. From the magic link not working, to the website not accepting my password, to the application on my phone refusing to open I was extremely angry and displeased. This, while not responsible for the irresponsible actions I took in not being punctual, massively contributed to me not wanting to turn in assignments through Tumblr. I would strongly recommend switching to Instagram although now that Tumblr is working for me I don’t mind it as much as I used to.
How did feel about using Wix for your virtual art gallery? I’ve used Wix before and I actually really love the intuitive design of the website builder. The only thing I can think of is that it is difficult to work together on it in class due to the restrictive nature of the one editor at a time thing. But mechanically, Wix is a great option for the online art gallery, very fun and easy to use.
What did you think of using the class website, glenn.zucman.com/i2va, plus your own websites, instead of BeachBoard? The class website was awesome, love the layout, love the colors, and especially the user-friendly interface. I think it would be cool to have a “post of the week” thing going that would also serve as a week-marker progress bar page that could feature one student’s exemplary post once a week with their permission. That could also make making a class semester memory page easy!
What did you think about having a class with no tests? I don’t just mean “was it cool to not have to take any,” but students use tests to guide their study and participation in a class. Students tend to learn what’s on the test, and to not learn anything that isn’t. Did not having exams make it harder to focus or find importance and relevance in the class? The thing about having a class without iron clad rules and other such constructs like rigid evaluations is that it largely depends on the students. We have to have open minds and the willingness to try to learn a new way and go along with the fluid nature of the course. I found my purpose in the class fairly late on in the desire to apply your teachings to my creative foundries in the forms of learning to draw, world-building my dungeons and dragons world, writing stories, and appreciating art for its message and emotions rather than solely mechanical and physical form.
It seemed like it was hard to get very much Class Participation, especially toward the end of the class. Did I talk too much? Ask the wrong questions? Was it too confusing? Not interesting/relevant enough? Any suggestions for more class participation in the future? One thing that makes me sad within these classes is that as I said in my answer to question 9 is that in these more fluid classes(especially in the GE sections) it largely depends on the students’ willingness to participate. I can’t tell you how much it breaks the flow of the class in STEM classes when the professor asks a question and no one answers and it becomes deadlocked in silence wasting time. No one like getting called on when they don’t want to answer any questions, and no one likes just sitting around in silent waiting for someone else to answer. I admit that I could probably have a long conversation with you regarding the ideas that you have been teaching like abstraction, images as story tellers, etc but I didn’t want to be constantly sticking my hand up and answering every single question even if I wanted to. It’s a sort of group mentality thing, I didn’t want to stand out like in my other classes(Greek Myth). I don’t know. I think that perhaps a method to get more group participation is to make it a requirement to ask a certain amount of questions or answer a certain amount of problems. I can tell you that it greatly aided my creative writing class’s teacher and fostered greater communication between students and forced people to contribute to the conversation on stories and ideas. If you make a question and answer quota for every student it will be difficult to keep track of(maybe don’t even keep track of it but just say you do) but people will begin to participate in the name of points.
Any other thoughts I really enjoyed the “write a story instead of an artist essay” that you implemented last week and I was taking a look at the art experiences master list. Perhaps as a way of giving further control to the students who want to you could offer the added option of swapping out one activity on a given idea about art for another of the same category on the master art experiences list. I doubt many students would take the opportunity but those that do would probably find something that they resonate more with.
0 notes
limgsblog · 7 years ago
Text
Facebook Safety
[ad_1]
Facebook is an excellent tool to stay in contact with friends and family, and also to meet new people, however we quickly forget an important childhood lesson-"don't talk to strangers" - "but they are my friends you may say..."
As Fb (Facebook) relies on people's openness to share their information on a semi-public forum, some dilemmas are posed. There is a strong need for humans to be connected to each other and Fb seems to take advantage of that need. This is not necessarily a bad thing. Whether it's reconnecting with distant relatives or keeping track of close friends without having to duplicate information, or even to see what happened to that high school sweetheart, the strong interconnectivity of the internet cannot be denied or ignored. Thus it is easier to learn to adapt and live with, rather than find ways to live without this valuable tool.
The uses of Fb are far reaching. A Cape Town organisation has successfully located numerous missing children by posting their pictures on their group site. The effect that Fb is having on our society is still not clear. In terms of research, Fb is still new and there is currently a large amount of studies being undertaken on various aspects of the impact of Fb. For example, many corporate companies have implemented policies to deal with social networking forums such as Fb, MSN (another social network -Windows Live Messenger) and the like, owing to reduced productivity in the workplace. The current research on the effects of Fb on family life, work and mental health will be interesting. The problem is that research takes time and the publication of these findings too takes time, and Fb is still relatively new.
So you have taken the time to create a nice full profile on Fb. You have even included details as to where you live, work, your contact numbers and interests. You then are going on holiday and you post that on your status update something like "Ten days before holiday to Thailand!" The problem is that not only does everyone know that you will be out of town, they also know personal information about you and possibly your family. There would most probably be some pictures of your house on Fb in your photo albums and suddenly you have made it really easy for a would be burglar to have an option here. People even post that they are missing their husband while he is away. This can be a security risk too.
Before going head first into the Fb world, I would ask myself some questions:
1. Do I provide personal information and photos etc on my profile?
2. Am I really friends with all the people who have access to my Fb profile?
3. Do I trust the people who can view my profile and its contents?
4. Do I know how to use the security settings on Fb?
Who would you let into your home after hours? Who would you let into your home and allow them to look at your videos, photos and weekly plan? The information that you put onto Fb can easily become public and is available 24 hours a day.
Information such as where one works, while may be interesting for friends to see, can have a negative effect. The more information that you make available about yourself the more information a would be predator can get. For example, a con-artist could easily get more information about you by pretending to be a close friend when telephoning your business for example. By already having quite a lot of your personal details, it becomes easier to convince your reception or a co-worker for further information, such as your other contact numbers and so on. Now the con-artist could impersonate you when contacting some of your service providers as he/she already has your personal numbers, work numbers, email address and possibly your home address. This is the information that is often used to verify you to your service providers. A con-artist could contact a common service provider such as a telephone company and request that they want to change the postal address details. The operator from the service provider may confirm your address details to the con after he/she has presented other personal information such as birth date, contact numbers and work address. Even if the service provider does not accept the information that the con provided, they will tell him/her what information they require before they will be able to divulge or make changes to your account profile. Thus, the con can contact other service providers and between a few, and with some clever communication can get the missing information. Each service provider asks different security verification details and it is likely that the con will get through to at least one service provider to whom can provide further information, such as your home address. Now you are not only at a financial risk, you may be at physical risk too.
Included in this fraud is attempting to predict passwords for example by having personal information about you. A common hacking tool is called "social engineering" whereby a hacker psychologically manipulates situations to gain further information about you to fill in missing gaps that he/she needs to con you. For example, many people use their child's name as their password on their computer, or their birth date, or any easy to remember information. By creating a trust relationship with you, you may without knowing it, be giving possible passwords/access information to a hacker as he/she attempts to create a psychological profile of you.
If you lose your credit card or your identity document, Fb becomes even more unsafe. If the person who finds these personal documents becomes a friend of yours on Fb (or if your profile is open to the public), then the balance of your personal information is available. Cases of fraud regularly occur in the work environment whereby a fellow co-worker is involved in fraudulent activity either directly or indirectly via a partner. In the work environment, information such as identity numbers, home phone numbers and possibly addresses are fairly easily available in many companies. It is also common for co-workers to be friends on Fb, the rest is self-explanatory. The point is that, the more information there is available about you, even more information can be obtained from that very information. Thus, fraudulent activity becomes easier with more information. Phishing (technique of fraudulently obtaining private information) is a common occurrence that takes many forms such as emails from legitimately looking companies attempting to update their database, and requiring you to confirm details via email or telephone for example. The more information there is available about you, the more openings there are for fraudsters to gain entrance into your life. The possibilities are endless and the methods used to con people too are endless.
Psychologically deviant behaviour is a concern for public forums. We need to be aware that child friendly websites have been known to attract not only children but paedophiles too. Facebook has a minimum age for membership of 14 years of age. Paedophilia is a concern for young teenagers and I would not rule this out as a concern for parents just because "every one's child is on Fb and therefore it must be safe". If this was true then crossing a street would pose no risks as everyone is doing it.... The point is that parental involvement is always important. I am not saying that one needs to be like a hawk, but what I am saying is that teaching your children about the risks and role-playing possible scenarios that they may be faced with, is an important part of any new activity that has risks. For example, the same way a parent needs to oversee a child when learning to swim (and thereafter for many years of swimming), the same applies for internet based activities. Excuses such as my children know more than me and they teach me about computers is a common complaint. It is easy to get advice and that does not mean that you need to be a computer specialist, but as a parent you already have the knowledge of what would be acceptable behaviours for your children, so it's just the vehicle that you need to adapt to. This can be fun too.
Facebook provides a perfect place for voyeuristic behaviour (the sexual interest in or practice of spying on people, usually while they are doing personal actions). Once a Fb user lets another Fb user see his/her profile by accepting a friendship, the profile remains open to each party unless either the friend is removed from the profile ("unfriend"- Oxford word of the year for 2009) or privacy settings are applied. Now if your profile is open to your friends, these friends can view your photos, videos and other information at any time and as many times as they want. This activity goes unnoticed, so if one of your friends looks at a particular photo album of yours once or 50 times, you would not know. Why is this important you may ask? Well many people provide holiday pictures of themselves and some even include pictures that may be sexually appealing to a would be viewer of your profile. Does this mean that one should only show pictures of themselves with full winter clothing? No of course not, it's merely to be aware that if you have a stack of friends and you also have a stack of photos for example, there may be people obsessing over these photos to a degree that may bother you if you were aware of this obsession. It is about awareness, and I am sure many people use Fb as a meeting forum and thus some attractive pictures are status quo for such people, however, there are people who derive a benefit from your media and this may pose a risk to you and/or your family. As we see how easily celebrities can become idolised merely from excessive exposure and there is much research regarding this topic. Continuous viewing of people's media creates familiarity without the actual interpersonal relationship developing. The effects of this can be seen by simply observing how people respond to seeing someone in real life to whom they know from TV or who is famous.
A recent violent murder in Pretoria (South Africa) whereby a schoolgirl was found dead is believed to be linked to someone she had met on Facebook. It is difficult to trace such a link and that is one of the dark sides to social networking. There have been numerous incidents of people being attacked by "friends" they met online. One such incident involved a student from Virginia (USA) who was murdered by someone she met on MySpace (another online social network). Cases like these are on the increase. One possible reason for this is that it is difficult to get background information about new online friends and there are many people who lie about their profile information. Awareness of the risks is important.
What can one do to reduce possible negative effects of social networking? Earlier in the article, four questions were posed. Some further proactive steps include:
Become familiar with Fb's Privacy settings. They allow for each user to create personalised privacy controls. For example, it is possible to allow some of your friends to view your photo albums, while other friends cannot see these albums. Thus you can partition your friends into groups, possibly - family and close friends, not so close friends, and then past friends and acquaintances. It is easy to set this up and easy to select your friends into your new groups. Then the next time you upload your new photo album just select which groups of friends you want to allow access to view it. You can also choose directly from your friends list, but it is easier to pre-group your friends. To find these settings look to the top left corner of your screen and select "account settings" then choose "privacy settings" and then "profile information". A menu of all your account settings will be shown. For photo albums, just select "photo albums" menu and there you will find a customisable option. Customisation is available for any of your information fields on Fb. It is good practice to go through all the available settings even if you only change a few. For example, if you type a person's name into a Google search, Fb results too will come up unless you explicitly change that setting in Fb. Thus, some settings are already set to open access, unless you change it yourself.
Having set up your personalised privacy, check that your login credentials are also secure. Passwords that are linked to your personal information such as children's names, favourite colours, and birthdates are easy to hack. A mixture of numbers and names is stronger. Special characters such as the ones where you need to press the shift key also add strength. Another method to use is not a password as such but passwords, or a "pass-sentence". Even a short sentence such as "I like Fb!" is harder to hack than a single long word. Password hacking software relies on the commonly used words first and then words with numbers and most struggle with sentences.
When creating an account on Fb, it asks for your email address as your username. Most people leave this as their username. This also poses a risk as in your profile information which is available to your friends (and possibly to the public), it is likely that you have put your email address there. Thus for a hacker, he/she already has half your login details and now just needs your password.
Observe your own Fb use. There are many new cases of people who become psychologically reliant on Fb. New terms such as "friendship addiction" have been used to describe some of the symptoms associated with this problem. Social networking sites while beneficial to many older adults by reducing feelings of isolation, may create an unhealthy obsession for teenagers and adults. This is particularly true for vulnerable groups such as women or men who obtain self-esteem from relationships as well as recovering addicts (substance abusers, shopping addicts etc). There are people who actively seek to take advantage of vulnerable people and attempt to exploit their weaknesses for personal gain.
A group on Fb called "Facebook Junky and proud of it!" describes the criteria they believe to be a deciding factor to gain entrance to their group. The group believe that if you are checking your Fb profile more often than your email; if you are more interested to see what is going on with your virtual friends than your real world friends; if you would be psychologically disturbed if Fb was shut off for a few days; and/or if you could use the terms obsessive or compulsive to describe the way you use Fb, you have met the admission requirements for this group. Surprisingly there were only 74 members of this group at the time of writing. The point is, time spent on Fb is time away from other parts of your life. Finding the balance is the key.
The impact of social networking is only just being understood and it will be some time before adequate research delineates the pros and cons of this activity and its effects on our lives. It is without doubt that many new cases of unexpected crimes will be blamed on Fb in the near future. However, Fb is the tool and we are the users. We all know the saying "a bad mechanic always blames his tools", the same applies here, we cannot just blame Fb after the fact. We know the terms of use and need to be responsible and remember our childhood lessons about the world that we live in. The internet only changes the channel but does not change the people.
[ad_2] Source by Philip Baron
0 notes
gilbertineonfr2 · 8 years ago
Text
Three basic security hygiene tips from Microsoft’s Identity Team
This post is authored by Alex Weinert from the Identity Division’s Security and Protection Team.
Hey there!
I want to share three basic hygiene tips for account protection that every organization should consider. Applying these will go a long way in making sure that only the right users get into to their accounts (and all the things those accounts give access to). While there are many great security features available from Microsoft and our partners, in this blog post I am going to focus on three basic hygiene account security tasks:
Ensure your users are registered and ready for multi-factor authentication (MFA) challenges;
Detect and challenge risky logins; and
Detect and change compromised credentials.
While these don’t guarantee you’ll never deal with account compromises, we find that in most cases implementing these simple practices would have prevented attackers from getting initial intrusion. For account security, it really is true that “an ounce of prevention is worth a pound of cure.” So here is your “ounce of prevention.”
Basic hygiene part 1: Ensure your users are registered for MFA challenges
In a perfect world, no one would ever complete a multi-factor challenge. We would get rid of static rules (“MFA always”) which cause user friction, and replace them with perfect risk detection. Good users would never see MFA challenges – we’d always figure out we were working with a trusted person – and bad guys would never be able to solve them.
Alas, despite many years of hard work on the problem (and substantial improvements), we still have “false positives,” where the system detects risk on a login that belongs to a good user. This could be because
the person is travelling to a new location and on a new machine,
because they are remoting into a machine in a datacenter far away, or
because they are intentionally using anonymizing software and routing (such as TOR).
These are simple examples, but this “grey area” will exist even as our detection gets more sophisticated, because, unfortunately, the bad guys are evolving too. It is their job – through phishing, malware, and the use of botnets – to act more and more like the people whose accounts they are trying to hack. Because of that, we must be able to challenge when we aren’t sure they are good – and that will mean some false positives that challenge good users.
If your users aren’t set up for multi-factor authentication, then your security policy will effectively block them from signing in and doing their jobs. Now, good security enables better productivity, but when organizations (and individual users) are faced with the choice between security and productivity, they choose productivity. MFA readiness allows users to solve the occasional challenge from a false positive, which in turn allows you to have a great security posture. That is why a good MFA registration policy is first on our list for basic hygiene.
In Azure Active Directory, you can use Azure AD Identity Protection to set up a policy to cover your users for MFA registration. Azure AD MFA will allow MFA challenges using voice, SMS, push-notification, or OAUTH token challenges. The registration policy will offer whatever you have configured in Azure AD MFA.
To set up a registration policy with Azure AD Identity Protection, just look at the menu on the left, and under “Configure�� choose “Multi-factor authentication registration”.
Once you do this, you can choose the users to include in the policy, see the current state of MFA registration in your organization, and enable the policy.
Now, when a user who hasn’t yet registered for MFA logs in, they will see this:
This process has a few major benefits:
The process is “self-help” and built into Azure Active Directory
Users can be challenged with multi-factor authentication whenever we see risk in the login
Users are familiarized with the process of receiving a challenge
Ok, now that everyone is registered, let’s put all this MFA goodness to work.
Basic hygiene part 2: Detect and challenge risky logins
There are many tools out there for telling you when a login has gone wrong, and a bad guy got in to your resources by pretending to be a good user. While helpful for forensics and improving your security posture for future events, the second step in your “Basic Hygiene” is to prevent bad guys from logging in at all. Azure Active Directory Identity Protection can detect risky logins in real time. Examples are logins from TOR browsers, new or impossible locations, or Botnet infected devices. To see the events impacting your organization, check the “Risk Events” area in Azure AD Identity Protection.
An unfortunate reality is that password leaks are happening daily (the biggest recorded breach was reported last week, at over 1B cred pairs), and 60% of people reuse their usernames and passwords. We detect and block tens of millions of credential replay attacks every day.
Our detection algorithms are based on our experience defending Microsoft’s consumer and enterprise assets, and the assets of our customers. They benefit from the supervised machine learning system which processes 20TB of data a day and self-adapts to new attack patterns, as well as many applied data scientists. Applying this evaluation to conditional access is your path to ensuring that bad actors are stopped in their tracks. That’s where Azure AD Conditional Access comes in. Azure AD Conditional Access is your Swiss army knife for making sure all logins are secure and compliant. It allows you to specify conditions of a login which impose more requirements before a resource can be accessed. With login risk assessment, you can apply a policy to challenge risky logins. Pick “Sign-in Risk Policy” and enable the policy.
With this policy enabled, you can apply a real-time intercept when risk is detected. The end user experience is as follows:
If a bad guy logs in (in this case, emulated from TOR):
The mobile app then gets the approval notification:
And the user simply doesn’t approve (or, if it *is* the good user, can get in), with the same approval process as previously described.
Basic hygiene part 3: Detect and challenge compromised credentials
Users regularly fall for phishing scams, get malware, reuse their credentials on other systems, and use easily guessed passwords. As a result, we see a lot of cases where we are confident that the valid user is not the only one in possession of their password.
If we are seeing a lot of attempted logins or bad activity in a login, or find your users’ credentials leaked on the black market, we notify you of this by setting the “User Risk” score, indicating a probability that the user’s password is known to a bad actor. You can see which users the system is detecting as “At Risk” and why in Azure AD Identity Protection under “Users flagged for risk”. Notice my account about mid-way down on the right is marked as being at medium risk with six events.
(Please note that for hybrid environment, our ability to detect leaked credentials from black market finds requires that you have enabled password hash sync from your on-premises environment to Azure AD.)
I am frequently asked if compromise of the password is significant if the user is configured for MFA – the answer is emphatically yes! Multi-factor authentication is multi-factor if it utilizes at least two different mechanisms (choosing from a secret you know, what you have, and what you are). If the password is compromised, then you really don’t have a valid secret anymore. So, once we detect a compromised credential, it is important to lock out that user until the credential can be remediated, or better, we can have the user change the password themselves as soon as they can do so safely (with MFA). We do this on our consumer (Microsoft account) side, and find that we can get the user to safely change their password before the bad guys have a chance to act about 80% of the time. Our investigations in the enterprise cases show roughly the same results in terms of stopping attacks even when the password is known to the attacker.
Here again, Azure AD Conditional Access is your friend. When the condition includes users at risk of compromised credentials, we can challenge for MFA and require a password change. Look for “User Risk Policy”. In this case, I have configured the policy to require password change when user credential risk is medium or above. For this to work, you need to be mastering your passwords in the cloud, so if you are in a hybrid deployment, be sure password writeback is enabled!
When a user logs in with a user risk score that triggers this policy, they see the following:
On clicking next, they are asked to do multi-factor authentication:
And upon approving the login, the user can change their password.
And importantly – they can carry on with their work! Which emphasizes again the importance of getting those users registered!
So, there you have it! Three easy steps to VASTLY better account protection by doing basic hygiene! In summary:
Ensure your users are registered and ready for multi-factor authentication (MFA) challenges;
Detect and challenge risky logins; and
Detect and change compromised credentials.
Azure Active Directory makes it easy!
Be safe!
Alex (@alex_t_weinert)
from Microsoft Secure Blog Staff
#Three basic security hygiene tips from Microsoft’s Identity Team
0 notes
deverodesign · 8 years ago
Link
Reading Time: 11 minutes
Tumblr media
Designing and building great mobile forms is hard. Quite often, filling out these forms is not easier either. When we think about filling some form, we are usually not filled with joy. For most of us, forms are just a tool we need to use to get some job done. As a tool, it is not the most user-friendly one. What makes it so difficult to design usable form? Can we take even very bad examples of mobile forms and make them better? Let’s talk about a couple of best practices to achieve this.
Table of Contents:
No.1: Keep it short and specific
Show only what’s necessary
No.2: Use single-column layout
No.3: Prefer logical order of fields
No.4: Group related elements
No.5: Avoid placeholders, use labels
Forms and world full of distractions
We are designing for illusory world, not for reality
Labels improve usability of forms
Using labels in conjunction with placeholders is not a solution
No.6-10 in part 2.
P.S.: There will be a bonus advice in the end.
No.1: Keep it short and specific
How many input fields do you think mobile forms should have? The only correct answer is as little as possible. Mobile forms should be short. Unfortunately, this is not often the truth. In reality, forms are usually much longer than is necessary. I’m not talking about reducing the number of input fields such as first and last name into one. This is not a real problem. The real problem is that many mobile forms contain optional input fields. My question is, why?
The answer is usually goes like “because some users my want or need to use this field”. Okay, how many users do you think will want to do that? Also, do you need to ask for this information right now? There is a difference between information you need to get right now and information you can ask for later. For example, register form should contain fields for email and password, or username. Otherwise, user can’t login after she finishes the registration. Well, you can send her a link.
However, is it necessary that the register form also contains fields for phone number, gender, address and other things? Are these information crucial for finishing the job user wants to get done? You should ask the same about other types of forms. Is it necessary to ask for phone number if the user wants to buy something? What if she wants to be notified by mail? Then, the phone will be useless. Asking for it will be a waste of time. And, you will waste screen real estate.
Show only what’s necessary
American author Mark Twain once said: “I didn’t have time to write a short letter, so I wrote a long one instead.” The same could say a lot of web designers as well. When we design mobile forms, we often don’t take the time to think about it deeply. The truth is that eliminating unnecessary elements, not only form fields, is hard and time-consuming. It is usually much easier to add new elements than to remove. However, it is worth the time and effort.
Take a minute, or five, and think about the form you are designing. What is its goal? Is it collecting information? Probably not, unless it is a survey. The goal is helping user finish some job, or task. The goal of register form is to help user create an account. Order form helps user buy certain thing. As you can see, the goal is never just collecting information about the user. So, why do you ask user on information that are not necessary to achieve this goal?
I think that you know where am I going with this. Eliminate all the fields that are not necessary at the moment. If you would like to know some additional information, ask for them later. Send user welcome message with link to her new profile where she can fill these information. The benefit of removing unnecessary fields will be increased completion rates. Shorter forms, not only mobile forms, are easier to finish for users. This is your goal, to help users finish the form.
If you are still hesitant, remember that every time you remove a field or question from a form, its conversion rate will increase. Let’s remove the obstacles and help users get their job done faster and with less effort. Again, show only necessary inputs.
No.2: Use single-column layout
Always use single-column layout for your forms. This practice could be harder to implement on desktops because there could be a lot of space left. Well, who says that whitespace is bad? However, it is a must for mobile forms. The reason for using single-column is simple. It helps sustain vertical momentum of moving down the form. When you use multi-column layout you force users to visually reorient themselves.
In multi-column layout, users’ eyes have to jump from one column to another. And, they have to look for the point where the line starts. From the left to the right, then on another line and repeat. After a while, this will cause eyestrain. If you don’t believe me, repeat this movement for a while. The best way to avoid this is staying away from multi-column layout in both, desktop and mobile forms. Use single-column layout to keep users in the flow and sustain the vertical momentum.
There is one exception to this rule. You can show short and related fields such as zip code, state, age and gender on the same row.
Another good thing to do is aligning labels vertically. In other words, above the inputs, not next to them. There are two reasons for following this practice. First, horizontally aligned labels break the vertical momentum. And, they also force users’ eyes to constantly move from left to right. The result is again more pressure on the eyes causing eyestrain. Second reason is that mobile forms has less screen estate.
When you place label and input on the same line, the input must be smaller. This can cause a lot of issues. Also, the form will look more cluttered, which may discourage some users from completing it. And, this is something you want to avoid.
No.3: Prefer logical order of fields
Another practice for making mobile forms easier to use is ordering fields in standard and commonly used order. For example, it would not be a good idea to ask for credit card number first and name second. People usually expect the less confidential information to be first. You can think about it as meet someone face to face. If you don’t know that person, you will probably first ask for her name, not phone phone or credit card number.
Again, you will start with first name and then last name. Then, you may ask on couple more information that are not too personal. It is only after these initial steps when you ask for information that are personal and for many people uncomfortable to talk about. So, when you design a mobile form, think about it as meeting someone you don’t know yet. Keep it friendly, start with less confidential information. Remember to order the fields properly.
Let me give you a simple example for order of inputs asking for credit card information. Credit card number should be first, expiration date second and security code third. In case of location, the order should be address, city, zip code and state.
Finally, remember to use logical order for multiple options. For example, standard shipping should be first while 2-day shipping should be second. Lastly, think about the most often used values in selects and drop-downs. What values are used the most? You can list these values first to make completing the form easier. Also, using autocomplete and plugins like typeahead might be a good idea. It will allow users to type less. This can increase completion rates of your mobile forms.
No.4: Group related elements
This practice has two forms. First, always make sure to group label with the form field it describes. Label should be right above the input. There should be relatively small amount of space between the label and input related to it. On the other hand, there should be more space between these two elements and other form fields. As a result, the label and input will look like they are connected, that they are in the same group. This is a one of the gestalt principles, proximity.
Also, keep in mind accessibility of your mobile forms. Meaning, make sure to use for attributes with correct values. This will explicitly associate label with the right form element. What if you don’t want to use labels, but only placeholders? Well, we will talk about this in the next practice. If you want to do it, this is one thing you can do to improve the accessibility of your mobile forms. Use aria-label attribute on input fields. This information will be visible only to screen readers.
The second form of grouping form elements is to group parts of form together if they are logically connected. This way, you can divide the form into sections. This practice can make it easier for users to work with the form. For example, you can put inputs for personal details into one section and inputs for billing information into second. And, if you still want to include some optional inputs, you can put them into third section. Just remember to use standard order of inputs.
No.5: Avoid placeholders, use labels
Are placeholders good or bad? Is it a good idea to use only placeholders or to use them in tandem with labels? What do you think? It is a very common practice to provide information about form field in the form of placeholder. I have to admit that I used this practice by myself for a number of times as well. The problem is that there is some evidence that this practice is not the best one. In a fact, it can be even detrimental to usability of the form.
The biggest problem with using only placeholders is that it forces users to rely on their short-term memory. Let’s say that there is no other clue or description for the field other than placeholder. Then, when user input some text, this clue is gone. From that moment, there is no way user can make sure she filled in correct information. Well, there is a way. She can “simply” empty the field by removing the text. Sometimes, click outside is also necessary. Then, the placeholder will appear.
Forms and world full of distractions
When she checks the clue or description, she can type the text into the input again. How user-friendly approach is this? Also, imagine doing this with more than one field. Let’s think about one hypothetical situation. In this situation, something interrupts the user while she is filling in the form. It is something important and she has to do something else before she can finish the form. Let’s say that the task will take her 20 minutes. What will happen when she returns to the form?
Let’s say, the form is half complete and there are no labels. There are no clue to confirm that the half of information is correct. Our user has to rely solely on her memory. The question is, how reliable her memory is at that moment? She didn’t predict that she will have to interrupt her work and so something else. And, she probably didn’t think about trying to memorize what all the inputs are for. Although this may seem like an extreme example, it is not.
Another example could be user filling in the form on his mobile form while someone suddenly interrupts him. The result is the same. Without labels, short-term memory is the only help. This is the world we are designing mobile forms for. This world, the real world is full of distractions.
We are designing for illusory world, not for reality
Unfortunately, many designers design, not only mobile forms, for world that is not congruent with this reality. In that ideal world, users are always completely focused when they are filling out forms. There are no distractions. Again, the reality is different. In the real world, users are not single-tasking. Instead, user are quite often multitasking. A lot of people have open more than just one tab at single time. The same for apps. Some people are quite good in switching between them.
Some people might be also talking with someone else. How many times did you see person in coffeehouse talking to someone who was looking at the phone? Nowadays, this is not so rare. And, what if you get a message in the middle of filling some form? Or, someone might call you. You switch your attention to the distraction without thinking about it. When you return to the form, will remember where did you stop? Will you know what that information belongs into that field?
All these distractions put our ability to finish the form successfully into question. The reality is that people are often not completely focused on the task at hand. You don’t need to read stacks of research papers on usability to know this. Mobile users are frequently distracted and interrupted while using their devices. And, it doesn’t matter what is the source of distraction. The consequences are the same. Our short-term memory and ability to recall information is disrupted.
Labels improve usability of forms
We have to adjust the way we design mobile forms, and forms in general, to fit the reality. The question is, how? First, we should help users continue where they stopped. They need to have some clue about the field they are filling. Yes, this means adding a labels for all fields. Unlike placeholders, labels are omnipresent. Users can always use labels to ensure they are filling the field with the right information. This is true even if they return to the form after longer time.
Another reason for replacing placeholders with labels is that labels allow users to check the information before submitting the form. How many times did you submit a form without making sure all information are correct? Probably not that often. How can you make sure all information are correct without any clues describing all input fields? You can’t. You have to delete the information for each and every field to show the placeholder. With labels, this is not necessary.
Next, placeholders can be a pain for people using keyboard to switch between fields. When I need to fill some form, I like to use tab key on desktop or arrow key on smartphone. It is much easier to switch between fields. This can cause problems in forms that don’t contain labels. Placeholders can disappear when you select the input. If you didn’t have the time to read the placeholder, you don’t know what to type in. This can’t happen if the form contains labels.
The last reason for using labels instead of placeholders is to avoid confusion. Some users may think that the placeholder is text that was automatically filled in. Or, they may think that the placeholder is a default value. As a result, they will skip the field. Ask yourself, can this happen if you use labels? Let me give you one more reason for using labels. Placeholder should be used as a hint. Placeholders should provide users with supplemental, not essential, information.
If you have field for password, placeholder should tell the user how long the password should be. Or, it should say what characters are allowed, or both. It should not just say “Password”. It is the purpose of labels to label form fields, not placeholders.
Using labels in conjunction with placeholders is not a solution
Can we say that using both, labels and placeholders, is the best for great creating mobile forms? Unfortunately, no. There is still the possibility that some users will think that placeholder text is either a default value or result of browser’s autocomplete function. So, what if you need to add some additional information? My recommendation is simple. Add these additional information or hints outside the field. This way, it will be always visible.
For example, you can place the label as first, hint text as second and form field as third. And, make sure to use proper amount of space between these elements. Remember, proximity matters. Elements that are near each other tend to be perceived as a group. Put simply, use less space between the label, hint and input than the rest of the form elements. I would also suggest using lighter color and font-size for the hint text than label. This will increase the importance of labels.
Closing thoughts on mobile forms
These are the first five best practices that will help you design and build more usable mobile forms. Hopefully, these practices will help you create forms your users will like to use. I have one last thing to say. Take this advice as a bonus or reward that you read the whole article. Always design with the user in mind. Look at it through her eyes. Think about what her needs are and what she wants to get done. Remember that empathy is the key for creating user-friendly designs.
Thank you very much for your time.
Want more?
If you liked this article, please subscribe or follow me on Twitter.
The post 10 Best Practices for Designing More Usable Mobile Forms Pt1 appeared first on Alex Devero Blog.
#Design & Development#UX & Psychology#design#designer#development#experience#experimenting#Fee
0 notes
webbygraphic001 · 8 years ago
Text
7 design predictions for 2017, that might actually happen
Every year, blogs like this one try to predict what’s going to happen in our industry over the next 12 months. Design is a product of its environment and good design reflects the world that it exists in; no one has a crystal ball, so unsurprisingly design predictions are wrong as often as they are right.
However, there are clear emerging trends on the web. Sometimes we see developments happen in front of us. Sometimes they keep coming up in conversation. Sometimes one solid idea unites a set of related trends. More often than not, we’re just following the age-old pattern of revolution and counter-revolution.
Here are seven developments I think we’ll see this year, together with a score on how confident I am that I’m right…
1. 2017 will not be the year of VR
VR is amazing. The ability to disconnect from your context and immerse yourself in a more flexible reality is genuinely world-changing. What’s more, the technology is finally mature enough to deliver on its promise. But VR will not be a mainstay of web design in the next 12 months.
The common objection to VR is the cost of the kit, but actually a VR headset is relatively cheap. A smartphone costs in the region of $850 (and only lasts a month less than the contract you sign to get it) and the mobile web is still growing at pace. (What’s more, you can use that self-same smartphone and some cardboard to create a rudimentary VR setup.)
Most people are too lazy to put on a VR headset just to order pizza
What’s holding up VR is our laziness. If you look at your web stats, you’ll see that most mobile browsing occurs via wifi; in other words, we’re browsing the web on portable devices when we’re not mobile. We know that we’ll get a better experience on desktop, but the desk is all the way over there, and my phone’s already on, and it’s in my pocket…
The biggest challenge to VR is that it can’t be used casually. VR is an event, an experience. Most people are too lazy to put on a VR headset just to order pizza. So we’ll play games, watch movies, tour vacation spots, but we won’t browse Vice, or flick through Facebook, or just kill time. Until we do, VR will always be a supplementary technology.
 Confidence: 8/10
2. We’ll be obsessed with security, but forget passwords
For many people, 2016 was a bit of a gut-punch, and there’s inevitable fallout from that. In industry terms, it doesn’t actually matter if Russian hackers put Trump in the Whitehouse, what matters is that the issues of hacking, privacy, and security have entered the public consciousness.
It’s very likely that over the next 12 months we’ll see an increase in the use of browsers like Vivaldi. It’s very likely that many more sites will be using SSL certificates. It’s very likely that every client you meet this year is going to have at least some questions about security.
One potential benefit of our renewed obsession with privacy is the end of passwords. Passwords have never been secure, because humans aren’t good at remembering long strings of random characters, and computers are. Passwords have always been a least-worst solution. The last few years have seen numerous attempts to move beyond them, ranging from master password applications, to social media sign-ins, to email-based logins. Finally, we have a great alternative in the form of fingerprint ID.
In 2017, the option to sign into sites using your fingerprint will become commonplace. The ubiquitous nature of mobile devices, and the steady decline of desktop browsing, coupled with the obvious benefits of a unique identifier that you don’t need to remember, will be the tipping point for simple security on the web.
Confidence: 6/10
3. Someone will finally make AI work
Obviously it won’t pass the Turing test, it won’t even try to. But provided that the marketing department agrees to call it “AI”, then machine learning and pattern recognition will make 2017 year zero for widespread artificial intelligence.
…it’s a short hop from A/B testing, to collaborative A/B testing where results from multiple sites are pooled into a single AI
At the core of this AI revolution, will be an enhanced approach to A/B testing; A/B testing only produces reliable results when you have many thousands of sessions to gather feedback from—more than most sites can muster. With the continued growth of design patterns, and the acceptance of design convergence over the last couple of years, countless designers are working with comparable UI elements. All of which means it’s a short hop from A/B testing, to collaborative A/B testing where results from multiple sites are pooled into a single AI. Complex design problems can then be solved using feedback from millions of users across thousands of sites.
In 2017 someone will release a cloud-based solution that will gather data from across the web, and interpret it intelligently so users can design from an informed point of view. This process won’t replace designers, because insights will, by necessity, be broad and work on a design pattern level. How to implement those insights will be a key talent for designers over the next decade.
Confidence: 3/10
4. The death of the web(site) and an end to online advertising
Designing sites as component-based systems, rather than as individual pages has been a popular approach for a number of years. The latest formalised version of the approach is Brad Frost’s Atomic Design. The value this methodology brings is an increased flexibility, greater consistency, and a more responsive approach across different media.
In 2017 we’ll take the next step by detaching components from sites, and delivering content as brands, rather than distinct websites.��A travel service for example, might have hotel listings, flight listings, venue reviews, currency conversion, weather reports, all displayed in a single browser window, and all syndicated from different content providers. We’ll effectively be browsing as we do now using multiple tabs, but on a single screen.
Initially these services will be web apps, eventually we may see them evolve into distinct browser-like applications.
The side-effect of this new approach to syndication will be the final nail in the coffin of the floundering advertising revenue model. Advertising has always been a flawed method for funding the web: adverts are intrusive, unpopular, and impact content.
There are now two distinct webs forming, the traditional web that is locked in to single providers, and a SaaS model in which micro-payments buy access to select content. As 2017 progresses we’ll see the growth of the payment model, not in the form of paywalls, but in tiny micro-payments, enabled in the browser, that pay for syndicated content as we consume it.
Confidence: 2/10
5. The web will be beautiful
Utilitarian design has been the de facto approach for five years or more. We talk about design being “invisible”, as if a user being aware of design is somehow harmful.
Through 2016 there was an increasing interest in “delightful” design. Companies like WeTransfer enhanced their value with conspicuous design. Leading design thinkers like Stefan Sagmeister were advocating for beauty. The austerity of flat design has already been supplanted by a rediscovered love of gradients.
A reaction against the over-reliance on frameworks has lead to designers exploring more expressive ways of communicating
As human beings we’re attracted to beauty. If a product is beautiful, the experience of using it is more enjoyable. A product that is enjoyable, will be used more.
The drive for beauty is tied up in a number of ongoing trends. A reaction against the over-reliance on frameworks has lead to designers exploring more expressive ways of communicating. Hand-lettering and illustration are amongst the most in-demand design skills.
Even a clunky 2017-style AI can follow a set of rules to make type legible, to make colors inclusive, to make layouts responsive; those skills have all been mastered. In 2017, each designer’s strength will be their own craft skill, a unique vision of what is beautiful.
Confidence: 9/10
6. Design tools will explode
It’s a common misconception that there are a lot of design tools available. In actuality, there are a few key areas that receive all the attention, while the bulk of our processes are under-served. If you need a color picker, you have almost too much choice. If you’re looking for a prototyping tool there are a dozen or more professional-grade options available. If on the other hand you’re looking at vector graphics, you realistically have three options. For Bitmap artwork, it’s more like two.
There is clearly an appetite for new solutions to new problems. Web professionals, by our nature, are the first to dive into new technology. We think nothing of working with applications that are still in beta. The growth of prototyping tools demonstrates that there’s also a generation of software developers out there, ready to create innovative, exciting, and affordable design applications.
At the very least, in-app tooling will dramatically evolve this year. Adobe is reportedly working on AI additions to Creative Cloud as it tries to re-establish its dominance in the market, and it’s likely that other major players will follow suit.
Automation is the key word for software in 2017, and it will all be aimed at freeing up your time for more creativity.
Confidence: 7/10
7. The unstoppable rise of VX Design
Right now, someone somewhere is writing a Medium post in which they coin the latest industry buzz word. It’s probably very similar to “UX” only more-so. It’s probably “VX”; “VX” is one step along the alphabet, and still includes the cool sounding “X”. “VX” could be a reference to “VR”, it probably stands for “Virtual Experience”.
The term “VX Designer” will be virtually meaningless, but eight out of ten designers will be using it on their social media profiles by December. Several new design blogs will pop up, dedicated to “All things VX”. At this year’s MAX, Adobe will announce a specialist version of Creative Cloud, targeting “VX Designers”.
By the end of the year we’ll all be pontificating on “VX” as the only legitimate approach to design in 2018.
Confidence: 10/10
800+ Creative and Professional Illustrator Brushes – only $24!
Source from Webdesigner Depot http://ift.tt/2jrwVvx from Blogger http://ift.tt/2j4Zoeb
#Blogger
0 notes