undefined | Better HN

0 pointsBjartr9mo ago0 comments

Didn't say the buttons were invisible, just text.

Even if this specific example is flawed, non-technical users can and do end up in similar non-sensical situations that require a call to support to sort out. The more customization that's possible, the more complicated those calls can get. (Think of the support guy that has to figure out that Grandma's Windows Home setup has custom group policy settings that her well-meaning grandson setup to make things simpler for her by hiding this or that, and now she can't follow the tech's instructions that work for 99.9% of users)

Not only that, but they do so enough that the added cost to field those support calls is enough for companies to change their products to reduce their likelihood.

Almost no-one on this forum falls into the category of user I'm describing. And this kind of user is one of the most common for general consumer software. There is a real cost burden to supporting software with configurability.

And when this kind of thing gets messed up, do users go "Oops! My bad!"? No, they go "This software sucks, I'm going to use <competitor> instead where this kind of thing never happens!"

0 comments

aspenmayer9mo ago

A common failure mode I’ve seen: since Windows 8/8.1 iirc, so-called “Microsoft accounts” are used to login to the OS, as opposed to local user accounts, which were the status quo for personal computers, and are managed locally by the OS on behalf of Administrator users. Many legacy Windows users had and have no idea what the difference is or why it matters, but part of the Microsoft Account setup flow in Windows OOBE involves setting up 2FA for the new Microsoft Account, and I think it will let you use email or SMS, and maybe even a phone call to get the 2FA code. I think you are given the option to complete the 2FA at a later time, in case the code is delayed, but I forget for sure.

I can’t count how many people I helped to regain access to their computer login because of losing access to the method used to receive 2FA codes for Microsoft accounts, which is necessary to login if you have forgotten your password. The Microsoft account user setup won’t let you make a password-free login unless you use a local account, and short easily guessable passwords don’t meet their online account security requirements. Most people probably don’t want a Microsoft account if it has this failure mode, but people don't know the trade offs at the time of user account setup, and Microsoft uses that ignorance as leverage to get people signed into everything so that you will have have opted-in to all of this. It’s such an own-goal by Microsoft and it makes me feel for users who have no idea how any of this works. It’s a hard problem to solve, I’m sure, but it shouldn’t be like this.

The people who are most disadvantaged by the high tech highly secure thrust of modern tech are those who have the least skills with technology. Low skill users are also most at risk for scams and malware and other kinds of tactics, so I don’t mean to say that having no password is good. Having no password is a bad solution to the problem of computers being hard to use for many people, and they don’t know what they don’t know, so anything that they haven’t seen before is a cause for concern or alarm to their mind. Since most people have forgotten that they even have a Microsoft account by the time they have trouble logging in to their computer using one, they click around until they get to the account recovery, and then usually get their account locked because they can’t solve the security challenges that they never faced before or anticipated when doing the initial setup perhaps years prior.

j / k navigate · click thread line to collapse