Yubico Forum

...visit our web-store at store.yubico.com
It is currently Wed Sep 20, 2017 3:40 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 3 posts ] 
Author Message
PostPosted: Tue Feb 28, 2017 5:38 pm 
Offline

Joined: Tue Feb 28, 2017 4:17 pm
Posts: 5
I'm sure this has been considered before but I just wanted to put my thoughts out and try to improve the user experience.

I bought a Neo some time ago and it has taken me quite a while to figure out how my Neo works and become comfortable using it. This is largely because I just wasn't familiar with the technology when I first bought it, but the administration workflow could definitely be improved without compromising any other interests. I configured my key on Windows with GUI but I assume (read "hope") the utilities are the same, or at least similar, on other platforms and that configuration is fully script-able from CLI.

Three problems:

  1. I think that the administration logic for the Yubikey Neo might actually be fairly intuitive for people who are already familiar with the technology and security concepts but I was not one of those people. After reading through the "start" page, skimming my product's user manual, and reading at least a dozen tutorials and descriptions for specific use cases, I was still finding new information about my product. How the slots work, the different modes, the relationship between PIV and CCID, how NFC works, radius integration, etc... It seems as though all of this information is organised into a few logical groups, like the site's "developers" section as contrasted to the "knowledge base" articles. I had to read through practically everything just to figure out how the Yubikey works in general. This isn't a huge problem but something to be aware of as more information is added and the website expands. I didn't even know there was a user manual until I spent days looking through old knowledge base articles...

  2. The main problem I encountered was actually what cleared everything up for me-- the software utilities. Looking through the software interfaces really helped solidify the information for me, like a hands-on tutorial, but this was at least a week after I actually got my Yubikey. Admittedly, I didn't have a whole lot of time to figure things out but the problem is that I couldn't find all of the software! Currently, I have installed the following...

    • YubiKey Manager 0.3.0
    • YubiKey Personalization GUI 3.1.24
    • YubiOath Desktop 3.1.0
    • YubiKey PIV Manager 1.4.1
    • Gpg4win 2.3.3

    I know there is more software that I either could not find or did not need. I am not sure that I have the most recent versions of any of the Yubico software. All of this software came from different places (i.e. the links were on unrelated pages) and I learned that it existed from different places (mostly knowledge base articles, developer section info, and third-party blogs) while trying to figure everything out. This is obviously a mess. I do appreciate the modular nature of having separate applications/utilities but there should be a central registry so people know (1) what's available, (2) what versions they should be using, (3) what the signatures/checksums should be, and (4) what exactly these programs can/cannot do.

  3. The logic inside of these programs is also problematic. They are quite simple and seem to include all the appropriate features but I believe there are two specific problems in terms of user experience:

    • The programs don't explain the settings well enough for those of us who aren't security experts. The tutorials on the Yubico website are nice and clear so this is probably fine for now but please consider adding tool-tips or a thin element at the bottom of the GUI to display tool info on cursor hover. There are currently informational buttons (only) in the Personalization Tool but they do not provide enough information to explain the significance of their subjects, they seem to be more targeted toward explaining the specific cryptographic capabilities of the YubiKey. I definitely recommend expanding this information to account for less technical users since it wouldn't be difficult and it wouldn't get in the way. Put the short, technical description up front and then begin a more general description for users like myself. People who understand the basics wouldn't need to read it.
    • Some of the programs allow for passwords, PIN, and PUK, as well as management credentials. I have figured out what all of these do and how they differ but it is very unintuitive to new users. Some of these fields do not give any explanation and require web research, many of these fields only apply within the scope of their specific software utility and have no relation to the YubiKey itself or any of the other utility programs. This was not a problem for me but it could easily cause problems for users who do not take the time to read everything carefully and document their configurations thoroughly. I imagine the current state of a result of software being added to support new features, which might not be available on all YubiKey models. Again, simple tool-tips or informational buttons would definitely improve the situation.

Again, this was just my experience but I hope my feedback is useful. I would like to see Yubico expand and proliferate secure computing across the consumer and small business markets. Questions and comments welcome. :)


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Mon Mar 06, 2017 2:45 pm 
Offline
Site Admin
Site Admin

Joined: Mon Dec 08, 2014 2:52 pm
Posts: 313
Thank you for your feedback, we'll pass it through.


Top
 Profile  
Reply with quote  
PostPosted: Sat Apr 29, 2017 11:04 pm 
Offline

Joined: Tue Feb 28, 2017 4:17 pm
Posts: 5
Thanks, I'm glad to read that you are committed to improving your customer experience. I have two more minor suggestions and a couple of technical concerns regarding your forum. I hope you find this information useful:

My suggestions are:

  • Please consider adding a link to the forum in your main website's "Support" drop-down menu. Currently, the only way I have found to access this forum is scrolling all the way to the bottom of a given page on the main site and clicking the small font link in the page footer. Perhaps this forum is not intended for customer support but I suspect that many people would find answers here, and it could only serve to decrease your workload and develop the Yubico community.

  • I realise this may be inconvenient but it would be very useful if forum users had a more organised list of threads they have viewed, authored, or participated in. Currently, the only such list I have found is the "manage subscriptions" list, which is not subdivided in any apparent way.

My technical concerns are:

  • My browser seems to log out my account with a very aggressive timeout. I have not found any way to change this setting without selecting the option to "log me on automatically".

  • It is unclear whether the option to "hide my online status for this session" applies to all future sessions when logged in automatically. I prefer to hide this sort of information, but it is a terrible nuisance to keep logging in every two minutes.


No need to reply, please just consider this customer feedback.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group