locked
Login is too cumbersome RRS feed

  • Question

  • Hello

    I've downloaded the pre-release of the Live SDK and I read the documentation. The login system seems to be way too complicated and cumbersome. Why do I have to use a web browser control in Windows Forms or WPF? Why do i have to use special login controls in Phone or Metro apps which break the XAML designer? Why is it not possible to create my own login form with standard textboxes and button controls and apply the username and password to the Live SDK properties? These strict rules make the application UI totally ugly and the usability is really bad for the user. I'm using the Dropbox API and things are a lot easier. Do you think app developers switch to Skydrive with so many restrictions? Please make it easy to use and allow a nice and native integration into the app, without those hacks like the webbrowser control and that stuff.

    Thank you

    • Edited by dvlg Sunday, September 18, 2011 12:17 AM
    Sunday, September 18, 2011 12:13 AM

Answers

  • Hello

    I've downloaded the pre-release of the Live SDK and I read the documentation. The login system seems to be way too complicated and cumbersome. Why do I have to use a web browser control in Windows Forms or WPF? Why do i have to use special login controls in Phone or Metro apps which break the XAML designer? Why is it not possible to create my own login form with standard textboxes and button controls and apply the username and password to the Live SDK properties? These strict rules make the application UI totally ugly and the usability is really bad for the user. I'm using the Dropbox API and things are a lot easier. Do you think app developers switch to Skydrive with so many restrictions? Please make it easy to use and allow a nice and native integration into the app, without those hacks like the webbrowser control and that stuff.

    Thank you

    There has been a lot written about why apps collecting the username and password for online services is not a desirable practice. The most succinct write-up on this is The password anti-pattern. We understand that this is not as convenient as simply collecting usernames and passwords, but that is simply not a best practice across the industry. Many services that used to do this have switched to using OAuth based mechanisms; even Twitter which was once well known for doing has moved on
    • Proposed as answer by Dare Obasanjo - MSFT Sunday, September 18, 2011 2:08 AM
    • Marked as answer by dvlg Tuesday, September 20, 2011 1:42 PM
    Sunday, September 18, 2011 2:08 AM

All replies

  • Hello

    I've downloaded the pre-release of the Live SDK and I read the documentation. The login system seems to be way too complicated and cumbersome. Why do I have to use a web browser control in Windows Forms or WPF? Why do i have to use special login controls in Phone or Metro apps which break the XAML designer? Why is it not possible to create my own login form with standard textboxes and button controls and apply the username and password to the Live SDK properties? These strict rules make the application UI totally ugly and the usability is really bad for the user. I'm using the Dropbox API and things are a lot easier. Do you think app developers switch to Skydrive with so many restrictions? Please make it easy to use and allow a nice and native integration into the app, without those hacks like the webbrowser control and that stuff.

    Thank you

    There has been a lot written about why apps collecting the username and password for online services is not a desirable practice. The most succinct write-up on this is The password anti-pattern. We understand that this is not as convenient as simply collecting usernames and passwords, but that is simply not a best practice across the industry. Many services that used to do this have switched to using OAuth based mechanisms; even Twitter which was once well known for doing has moved on
    • Proposed as answer by Dare Obasanjo - MSFT Sunday, September 18, 2011 2:08 AM
    • Marked as answer by dvlg Tuesday, September 20, 2011 1:42 PM
    Sunday, September 18, 2011 2:08 AM
  • Thanks for the answer! I understand that it might be a security issue. But if I understand it correctly I still can use the Twitter API with native controls. I do not need a webbrowser control or any other special control. In Dropbox I have to ask the user only one time for username/password combination and then get a user token which I store on the device. And I can still use native UI elements for that. I think there must be a better solution to get this done safely.
    Monday, September 19, 2011 6:09 PM
  • Hi,

    I understand your want to customize the sign in experience for your users, however we consider showing the user an easily recognizeable UI to sign in with better as the user has a bit more reason to trust what they can recognize and have seen many times before.

    Tuesday, September 27, 2011 7:04 PM
  • Why does the official Skydrive App for Windows Phone offer an in-app login experience and not the browser based login for 3rd party developer? The skydrive app login experience is much better due to that fact. So there seems to be a way to create the login system right in the app.
    Friday, January 6, 2012 10:55 PM