SlideShare a Scribd company logo

Institutional Web Management Workshop 2008: Form Design Debate

Download as PPT, PDF
IWMW
IWMW

Parallel Session on Coping with Forms: Implementing a Web Form Management Application

TechnologyBusiness
1 of 26
Institutional Web Management Workshop 2008: The Great Debate Coping with Forms: Implementing a Web Form Management Application Dan Jackson, City University
“ FORMS SUCK. WE SHOULD ACT ACCORDINGLY.” ‘ Web Form Design: Filling in the Blanks ’, Luke Wroblewski, Rosenfeld Media, 2008
...can’t we do better?
What about forms?
Improving your forms CAN make a difference. Jared Spool . One form. - Increased the number of customers making purchases by 45%. - Boosted revenue by $300m over the first year.
Forms can have a BIG impact, both positive & negative. We need to pay more attention to how we develop and manage our forms.
Problems: There are lots of forms. Form development is time-consuming. Form development is difficult. Sometimes our clients aren’t sure what they want! http://www.flickr.com/photos/b-tal/163450213/
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Security problems It’s EASY to make an insecure form, & there are LOTS of vulnerabilities out there. Reproduced with permission of WASC, http://www.webappsec.org/projects/statistics/
Security strategies Don’t assume that… … you can trust your users. … client-side (JavaScript) validation is enough. … hackers will test for vulnerabilities using a browser. Validate data . Both on the client-side AND server-side. Use a white-list approach to data filtering. Assume that all received data is invalid until it can be proven valid. Educate yourselves about vulnerabilities.
Security strategies Scan your existing forms. Test forms for vulnerabilities while in development. Employ a reusable library or framework of server-side code. Build security into your development lifecycle .
Spam: the CAPTCHA conundrum Most people use CAPTCHA to prevent spam. BUT... CAPTCHA is notoriously inaccessible. CAPTCHA can be circumvented. CAPTCHA has been discredited. “ Just like DRM, CAPTCHA systems ultimately fail to protect against the original threat, while simultaneously inconveniencing ordinary users.” ‘ Beyond CAPTCHA: No Bots Allowed!’, http://www.sitepoint.com/article/captcha-problems-alternatives, viewed 04/07/08)
Spam strategies 1. Authentication. 2. Centralised sign-on. 3. Sessions. 4. Spam filtering & heuristic testing.
Accessibility, Usability, Design problems Forms are often long, confusing, badly designed AND painful to complete. There are LOTS of design questions to tackle. How should I chunk up my form? What are the right field types to use? Where do I place my input field labels? Should I provide field hints? Where do I place primary & secondary actions? Where do I place error messages?
Accessibility, Usability, Design strategies You Must Buy This Book. Web Form Design: Filling in the Blanks Luke Wroblewski; Rosenfeld Media, 2008.
Accessibility, Usability, Design strategies Forms should be: Clear Is the purpose of the form obvious? Are the labels helpful? Are error messages clear? Is the layout good? etc. Concise ‘ Do we really need to ask this question?’ Clever Help direct users around the form; skip irrelevant questions. Contextual Tell users why certain questions are asked, especially when you’re asking for personal data. http ://formulate.com.au/articles/what-makes-a-good-form/ , visited 15/07/08
Accessibility, Usability, Design strategies Be nice! Use natural language. Try to organise your form as a conversation rather than an interrogation . Design from the ‘outside in’, not ‘inside out’. Forms shouldn’t be a simple mirror of the fields in our database records; we need to look at our forms from the perspective of our users. Don’t construct unnecessary barriers. If a student wants a prospectus, why make her register? http://www.flickr.com/photos/martigras/2383422487/
Accessibility, Usability, Design strategies Visual Clarity Visual path to completion. Make your forms easily scannable. Fieldsets are your friend. Organising your forms into logical groups aids scanning & completion. Communicate error & success messages clearly. Hide irrelevant form controls. Figure 3.4 from Web Form Design: Filling in the Blanks by Luke Wroblewski; Rosenfeld Media, 2008. http://www.rosenfeldmedia.com/books/webforms/
Accessibility, Usability, Design strategies Coding Careful with that JavaScript. DO use for data validation, enhancing the user experience, providing users with information. DON’T make the completion or submission of a form dependent on JavaScript. Test your forms as you would a site redesign. Think about bug fixing, site analytics, usability testing. Centralise your code. Maintain a central repository of reusable form components. Accessible XHTML templates/snippets, CSS, JavaScript, server-side functions.
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Legal strategies Transparency is key. Tell your users what your policies are & what you plan to do with their data. Provide them with the chance to opt-in/out of mailings where relevant. Control. Control how your form data is stored, accessed and used. Don’t store data for longer than required. Draw up standard notices “ Personal data in this form may be used only in accordance with City University’s notification under the Data Protection Act 1998 and in compliance with the Freedom of Information Act 2000. Further details in relation to the use of personal data can be found on the University’s web site www.city.ac.uk/dataprotection . Any queries concerning Data Protection and Freedom of Information should be addressed to the Head of Information Compliance and Policy.” Get advice.
The Process: problems Agreeing on the contents of a form can be difficult. Everyone wants a say (marketing, technical, legal, departmental, etc). “ What’s this form for?” It can be hard to establish what the organisational goals of the form are. Why is this form needed? What information do we need? http://www.flickr.com/photos/colbycosh/2266583598
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Figure 2.1 from Web Form Design: Filling in the Blanks by Luke Wroblewski; Rosenfeld Media, 2008. http://www.rosenfeldmedia.com/books/webforms/ )
The Process: strategies cont. 3. Design / development. 4. Testing checkpoint. Security, usability, accessibility. 5. Information Compliance. 6. Manage data.
 
Useful links http://phpsecurity.org/ch02.pdf - Essential PHP Security Chapter 2 – Forms and URLs http://formulate.com.au/ - Formulate Information Design. Useful articles about form design. http://www.sitepoint.com/article/captcha-problems-alternatives - Excellent summary of CAPCTHA debate. http://www.lukew.com/ff/index.asp - Luke Wroblewski’s form & general usability site.

Recommended

Jordan Kasteler Usability SEO
Jordan Kasteler Usability SEOJordan Kasteler Usability SEO
Jordan Kasteler Usability SEOJordan Kasteler
 
E-networking benefits for business 23Sept10
E-networking benefits for business 23Sept10E-networking benefits for business 23Sept10
E-networking benefits for business 23Sept10Chartered Management Institute
 
Tablet PC AMATYC 2008
Tablet PC AMATYC 2008Tablet PC AMATYC 2008
Tablet PC AMATYC 2008Fred Feldon
 
Tech Tools for Development Professionals
Tech Tools for Development ProfessionalsTech Tools for Development Professionals
Tech Tools for Development ProfessionalsFelicia
 
Mullennax p fwd_w4_presentation4
Mullennax p fwd_w4_presentation4Mullennax p fwd_w4_presentation4
Mullennax p fwd_w4_presentation4Phillip Mullennax
 
Mullennax p fwd_w4_presentation5
Mullennax p fwd_w4_presentation5Mullennax p fwd_w4_presentation5
Mullennax p fwd_w4_presentation5Phillip Mullennax
 
Interface usability-adding-schweppervescence-ver3-8
Interface usability-adding-schweppervescence-ver3-8Interface usability-adding-schweppervescence-ver3-8
Interface usability-adding-schweppervescence-ver3-8SSW
 
We've Only Just Begun: Web 2.0 and Its Impact on the Modern Enterprise
We've Only Just Begun: Web 2.0 and Its Impact on the Modern EnterpriseWe've Only Just Begun: Web 2.0 and Its Impact on the Modern Enterprise
We've Only Just Begun: Web 2.0 and Its Impact on the Modern EnterpriseJohn Eckman
 

Recommended

Jordan Kasteler Usability SEO
Jordan Kasteler Usability SEOJordan Kasteler Usability SEO
Jordan Kasteler Usability SEOJordan Kasteler
 
E-networking benefits for business 23Sept10
E-networking benefits for business 23Sept10E-networking benefits for business 23Sept10
E-networking benefits for business 23Sept10Chartered Management Institute
 
Tablet PC AMATYC 2008
Tablet PC AMATYC 2008Tablet PC AMATYC 2008
Tablet PC AMATYC 2008Fred Feldon
 
Tech Tools for Development Professionals
Tech Tools for Development ProfessionalsTech Tools for Development Professionals
Tech Tools for Development ProfessionalsFelicia
 
Mullennax p fwd_w4_presentation4
Mullennax p fwd_w4_presentation4Mullennax p fwd_w4_presentation4
Mullennax p fwd_w4_presentation4Phillip Mullennax
 
Mullennax p fwd_w4_presentation5
Mullennax p fwd_w4_presentation5Mullennax p fwd_w4_presentation5
Mullennax p fwd_w4_presentation5Phillip Mullennax
 
Interface usability-adding-schweppervescence-ver3-8
Interface usability-adding-schweppervescence-ver3-8Interface usability-adding-schweppervescence-ver3-8
Interface usability-adding-schweppervescence-ver3-8SSW
 
We've Only Just Begun: Web 2.0 and Its Impact on the Modern Enterprise
We've Only Just Begun: Web 2.0 and Its Impact on the Modern EnterpriseWe've Only Just Begun: Web 2.0 and Its Impact on the Modern Enterprise
We've Only Just Begun: Web 2.0 and Its Impact on the Modern EnterpriseJohn Eckman
 
Designing usable web applications (part 1) experience dynamics web seminar
Designing usable web applications (part 1) experience dynamics web seminarDesigning usable web applications (part 1) experience dynamics web seminar
Designing usable web applications (part 1) experience dynamics web seminarExperience Dynamics
 
Enterprise User Experience in Higher Education
Enterprise User Experience in Higher EducationEnterprise User Experience in Higher Education
Enterprise User Experience in Higher EducationTarik (Rick) Dzekman
 
"Open" includes users - Leverage their input
"Open" includes users - Leverage their input"Open" includes users - Leverage their input
"Open" includes users - Leverage their inputRandy Earl
 
Making your job website easier to use
Making your job website easier to useMaking your job website easier to use
Making your job website easier to useStuart Church
 
12 Phases of Web Development Life Cycle
12 Phases of Web Development Life Cycle12 Phases of Web Development Life Cycle
12 Phases of Web Development Life CycleNCode Technologies Inc.
 
Web Design Process
Web Design ProcessWeb Design Process
Web Design ProcessShawn Calvert
 
Many people can intuitively categorize a website as good or bad,.docx
Many people can intuitively categorize a website as good or bad,.docxMany people can intuitively categorize a website as good or bad,.docx
Many people can intuitively categorize a website as good or bad,.docxhealdkathaleen
 
Iterating on Developer Marketing with Metrics
Iterating on Developer Marketing with MetricsIterating on Developer Marketing with Metrics
Iterating on Developer Marketing with MetricsJonathan Gottfried
 
Why IT Companies Fail Telling About Their Expertise?
Why IT Companies Fail Telling About Their Expertise?Why IT Companies Fail Telling About Their Expertise?
Why IT Companies Fail Telling About Their Expertise?Kraftblick
 
Acs Presentation Thinking Outside Of Inbox V2
Acs Presentation Thinking Outside Of Inbox V2Acs Presentation Thinking Outside Of Inbox V2
Acs Presentation Thinking Outside Of Inbox V2Johnny Teoh
 
Study On User Interface(UI) Attributes Of Web Forms For Better User Experience
Study On User Interface(UI) Attributes Of Web Forms For Better User ExperienceStudy On User Interface(UI) Attributes Of Web Forms For Better User Experience
Study On User Interface(UI) Attributes Of Web Forms For Better User Experienceiosrjce
 
E017363243
E017363243E017363243
E017363243IOSR Journals
 
DIGITAL-READINESS-MANUAL.pdf
DIGITAL-READINESS-MANUAL.pdfDIGITAL-READINESS-MANUAL.pdf
DIGITAL-READINESS-MANUAL.pdfssuser2e99b3
 
All In One Kart
All In One KartAll In One Kart
All In One KartMohammad AQib
 
Intranet design strategies2011 (nx power lite)
Intranet design strategies2011 (nx power lite)Intranet design strategies2011 (nx power lite)
Intranet design strategies2011 (nx power lite)Sara Durning, MDes
 
How To Start A Reflective Essay 8 Tips For Writing A
How To Start A Reflective Essay 8 Tips For Writing AHow To Start A Reflective Essay 8 Tips For Writing A
How To Start A Reflective Essay 8 Tips For Writing ALisa Martinez
 
Quality Assurance, Testing, And Implementation
Quality Assurance, Testing, And ImplementationQuality Assurance, Testing, And Implementation
Quality Assurance, Testing, And ImplementationKristen Wilson
 
Leveraging social media
Leveraging social mediaLeveraging social media
Leveraging social mediaOmar Ha-Redeye
 
Web Usability: Making Your Sites More Awesomer
Web Usability: Making Your Sites More AwesomerWeb Usability: Making Your Sites More Awesomer
Web Usability: Making Your Sites More AwesomerJennifer Riehle McFarland
 
Data-Driven Design for User Experience
Data-Driven Design for User Experience Data-Driven Design for User Experience
Data-Driven Design for User Experience Emi Kwon
 
Look who's talking now
Look who's talking nowLook who's talking now
Look who's talking nowIWMW
 
Introduction to IWMW 2000 (Liz Lyon)
Introduction to IWMW 2000 (Liz Lyon)Introduction to IWMW 2000 (Liz Lyon)
Introduction to IWMW 2000 (Liz Lyon)IWMW
 

More Related Content

Similar to Institutional Web Management Workshop 2008: Form Design Debate

Designing usable web applications (part 1) experience dynamics web seminar
Designing usable web applications (part 1) experience dynamics web seminarDesigning usable web applications (part 1) experience dynamics web seminar
Designing usable web applications (part 1) experience dynamics web seminarExperience Dynamics
 
Enterprise User Experience in Higher Education
Enterprise User Experience in Higher EducationEnterprise User Experience in Higher Education
Enterprise User Experience in Higher EducationTarik (Rick) Dzekman
 
"Open" includes users - Leverage their input
"Open" includes users - Leverage their input"Open" includes users - Leverage their input
"Open" includes users - Leverage their inputRandy Earl
 
Making your job website easier to use
Making your job website easier to useMaking your job website easier to use
Making your job website easier to useStuart Church
 
Many people can intuitively categorize a website as good or bad,.docx
Many people can intuitively categorize a website as good or bad,.docxMany people can intuitively categorize a website as good or bad,.docx
Many people can intuitively categorize a website as good or bad,.docxhealdkathaleen
 
Iterating on Developer Marketing with Metrics
Iterating on Developer Marketing with MetricsIterating on Developer Marketing with Metrics
Iterating on Developer Marketing with MetricsJonathan Gottfried
 
Why IT Companies Fail Telling About Their Expertise?
Why IT Companies Fail Telling About Their Expertise?Why IT Companies Fail Telling About Their Expertise?
Why IT Companies Fail Telling About Their Expertise?Kraftblick
 
Acs Presentation Thinking Outside Of Inbox V2
Acs Presentation Thinking Outside Of Inbox V2Acs Presentation Thinking Outside Of Inbox V2
Acs Presentation Thinking Outside Of Inbox V2Johnny Teoh
 
Study On User Interface(UI) Attributes Of Web Forms For Better User Experience
Study On User Interface(UI) Attributes Of Web Forms For Better User ExperienceStudy On User Interface(UI) Attributes Of Web Forms For Better User Experience
Study On User Interface(UI) Attributes Of Web Forms For Better User Experienceiosrjce
 
DIGITAL-READINESS-MANUAL.pdf
DIGITAL-READINESS-MANUAL.pdfDIGITAL-READINESS-MANUAL.pdf
DIGITAL-READINESS-MANUAL.pdfssuser2e99b3
 
Intranet design strategies2011 (nx power lite)
Intranet design strategies2011 (nx power lite)Intranet design strategies2011 (nx power lite)
Intranet design strategies2011 (nx power lite)Sara Durning, MDes
 
How To Start A Reflective Essay 8 Tips For Writing A
How To Start A Reflective Essay 8 Tips For Writing AHow To Start A Reflective Essay 8 Tips For Writing A
How To Start A Reflective Essay 8 Tips For Writing ALisa Martinez
 
Quality Assurance, Testing, And Implementation
Quality Assurance, Testing, And ImplementationQuality Assurance, Testing, And Implementation
Quality Assurance, Testing, And ImplementationKristen Wilson
 
Leveraging social media
Leveraging social mediaLeveraging social media
Leveraging social mediaOmar Ha-Redeye
 
Web Usability: Making Your Sites More Awesomer
Web Usability: Making Your Sites More AwesomerWeb Usability: Making Your Sites More Awesomer
Web Usability: Making Your Sites More AwesomerJennifer Riehle McFarland
 
Data-Driven Design for User Experience
Data-Driven Design for User Experience Data-Driven Design for User Experience
Data-Driven Design for User Experience Emi Kwon
 

Similar to Institutional Web Management Workshop 2008: Form Design Debate (20)

Designing usable web applications (part 1) experience dynamics web seminar
Designing usable web applications (part 1) experience dynamics web seminarDesigning usable web applications (part 1) experience dynamics web seminar
Designing usable web applications (part 1) experience dynamics web seminar
 
Enterprise User Experience in Higher Education
Enterprise User Experience in Higher EducationEnterprise User Experience in Higher Education
Enterprise User Experience in Higher Education
 
"Open" includes users - Leverage their input
"Open" includes users - Leverage their input"Open" includes users - Leverage their input
"Open" includes users - Leverage their input
 
Making your job website easier to use
Making your job website easier to useMaking your job website easier to use
Making your job website easier to use
 
12 Phases of Web Development Life Cycle
12 Phases of Web Development Life Cycle12 Phases of Web Development Life Cycle
12 Phases of Web Development Life Cycle
 
Web Design Process
Web Design ProcessWeb Design Process
Web Design Process
 
Many people can intuitively categorize a website as good or bad,.docx
Many people can intuitively categorize a website as good or bad,.docxMany people can intuitively categorize a website as good or bad,.docx
Many people can intuitively categorize a website as good or bad,.docx
 
Iterating on Developer Marketing with Metrics
Iterating on Developer Marketing with MetricsIterating on Developer Marketing with Metrics
Iterating on Developer Marketing with Metrics
 
Why IT Companies Fail Telling About Their Expertise?
Why IT Companies Fail Telling About Their Expertise?Why IT Companies Fail Telling About Their Expertise?
Why IT Companies Fail Telling About Their Expertise?
 
Acs Presentation Thinking Outside Of Inbox V2
Acs Presentation Thinking Outside Of Inbox V2Acs Presentation Thinking Outside Of Inbox V2
Acs Presentation Thinking Outside Of Inbox V2
 
Study On User Interface(UI) Attributes Of Web Forms For Better User Experience
Study On User Interface(UI) Attributes Of Web Forms For Better User ExperienceStudy On User Interface(UI) Attributes Of Web Forms For Better User Experience
Study On User Interface(UI) Attributes Of Web Forms For Better User Experience
 
E017363243
E017363243E017363243
E017363243
 
DIGITAL-READINESS-MANUAL.pdf
DIGITAL-READINESS-MANUAL.pdfDIGITAL-READINESS-MANUAL.pdf
DIGITAL-READINESS-MANUAL.pdf
 
All In One Kart
All In One KartAll In One Kart
All In One Kart
 
Intranet design strategies2011 (nx power lite)
Intranet design strategies2011 (nx power lite)Intranet design strategies2011 (nx power lite)
Intranet design strategies2011 (nx power lite)
 
How To Start A Reflective Essay 8 Tips For Writing A
How To Start A Reflective Essay 8 Tips For Writing AHow To Start A Reflective Essay 8 Tips For Writing A
How To Start A Reflective Essay 8 Tips For Writing A
 
Quality Assurance, Testing, And Implementation
Quality Assurance, Testing, And ImplementationQuality Assurance, Testing, And Implementation
Quality Assurance, Testing, And Implementation
 
Leveraging social media
Leveraging social mediaLeveraging social media
Leveraging social media
 
Web Usability: Making Your Sites More Awesomer
Web Usability: Making Your Sites More AwesomerWeb Usability: Making Your Sites More Awesomer
Web Usability: Making Your Sites More Awesomer
 
Data-Driven Design for User Experience
Data-Driven Design for User Experience Data-Driven Design for User Experience
Data-Driven Design for User Experience
 

More from IWMW

Look who's talking now
Look who's talking nowLook who's talking now
Look who's talking nowIWMW
 
Introduction to IWMW 2000 (Liz Lyon)
Introduction to IWMW 2000 (Liz Lyon)Introduction to IWMW 2000 (Liz Lyon)
Introduction to IWMW 2000 (Liz Lyon)IWMW
 
Web Tools report
Web Tools reportWeb Tools report
Web Tools reportIWMW
 
Personal Contingency Plan - Beat The Panic
Personal Contingency Plan - Beat The PanicPersonal Contingency Plan - Beat The Panic
Personal Contingency Plan - Beat The PanicIWMW
 
Whose site is it anyway?
Whose site is it anyway?Whose site is it anyway?
Whose site is it anyway?IWMW
 
Open Source - the case against
Open Source - the case againstOpen Source - the case against
Open Source - the case againstIWMW
 
IWMW 2002: Avoiding Portal Wars - an MIS view
IWMW 2002: Avoiding Portal Wars - an MIS viewIWMW 2002: Avoiding Portal Wars - an MIS view
IWMW 2002: Avoiding Portal Wars - an MIS viewIWMW
 
What does open source mean for the institutional web manager?
What does open source mean for the institutional web manager?What does open source mean for the institutional web manager?
What does open source mean for the institutional web manager?IWMW
 
Library 2.0
Library 2.0Library 2.0
Library 2.0IWMW
 
Social participation in student recruitment
Social participation in student recruitmentSocial participation in student recruitment
Social participation in student recruitmentIWMW
 
Supporting Institutions in Changing Times: Manifesto
Supporting Institutions in Changing Times: ManifestoSupporting Institutions in Changing Times: Manifesto
Supporting Institutions in Changing Times: ManifestoIWMW
 
IWMW 2019 photo scavenger hunt highlights
IWMW 2019 photo scavenger hunt highlightsIWMW 2019 photo scavenger hunt highlights
IWMW 2019 photo scavenger hunt highlightsIWMW
 
How to Turn a Web Strategy into Web Services
How to Turn a Web Strategy into Web ServicesHow to Turn a Web Strategy into Web Services
How to Turn a Web Strategy into Web ServicesIWMW
 
Static Site Generators - Developing Websites in Low-resource Condition
Static Site Generators - Developing Websites in Low-resource ConditionStatic Site Generators - Developing Websites in Low-resource Condition
Static Site Generators - Developing Websites in Low-resource ConditionIWMW
 
Looking to the Future
Looking to the FutureLooking to the Future
Looking to the FutureIWMW
 
Looking to the Future
Looking to the FutureLooking to the Future
Looking to the FutureIWMW
 
Developing Communities of Practice
Developing Communities of PracticeDeveloping Communities of Practice
Developing Communities of PracticeIWMW
 
How to train your content- so it doesn't slow you down...
How to train your content- so it doesn't slow you down... How to train your content- so it doesn't slow you down...
How to train your content- so it doesn't slow you down... IWMW
 
Grassroots & Guerrillas: The Beginnings of a UX Revolution
Grassroots & Guerrillas: The Beginnings of a UX RevolutionGrassroots & Guerrillas: The Beginnings of a UX Revolution
Grassroots & Guerrillas: The Beginnings of a UX RevolutionIWMW
 
Connecting Your Content: How to Save Time and Improve Content Quality through...
Connecting Your Content: How to Save Time and Improve Content Quality through...Connecting Your Content: How to Save Time and Improve Content Quality through...
Connecting Your Content: How to Save Time and Improve Content Quality through...IWMW
 

More from IWMW (20)

Look who's talking now
Look who's talking nowLook who's talking now
Look who's talking now
 
Introduction to IWMW 2000 (Liz Lyon)
Introduction to IWMW 2000 (Liz Lyon)Introduction to IWMW 2000 (Liz Lyon)
Introduction to IWMW 2000 (Liz Lyon)
 
Web Tools report
Web Tools reportWeb Tools report
Web Tools report
 
Personal Contingency Plan - Beat The Panic
Personal Contingency Plan - Beat The PanicPersonal Contingency Plan - Beat The Panic
Personal Contingency Plan - Beat The Panic
 
Whose site is it anyway?
Whose site is it anyway?Whose site is it anyway?
Whose site is it anyway?
 
Open Source - the case against
Open Source - the case againstOpen Source - the case against
Open Source - the case against
 
IWMW 2002: Avoiding Portal Wars - an MIS view
IWMW 2002: Avoiding Portal Wars - an MIS viewIWMW 2002: Avoiding Portal Wars - an MIS view
IWMW 2002: Avoiding Portal Wars - an MIS view
 
What does open source mean for the institutional web manager?
What does open source mean for the institutional web manager?What does open source mean for the institutional web manager?
What does open source mean for the institutional web manager?
 
Library 2.0
Library 2.0Library 2.0
Library 2.0
 
Social participation in student recruitment
Social participation in student recruitmentSocial participation in student recruitment
Social participation in student recruitment
 
Supporting Institutions in Changing Times: Manifesto
Supporting Institutions in Changing Times: ManifestoSupporting Institutions in Changing Times: Manifesto
Supporting Institutions in Changing Times: Manifesto
 
IWMW 2019 photo scavenger hunt highlights
IWMW 2019 photo scavenger hunt highlightsIWMW 2019 photo scavenger hunt highlights
IWMW 2019 photo scavenger hunt highlights
 
How to Turn a Web Strategy into Web Services
How to Turn a Web Strategy into Web ServicesHow to Turn a Web Strategy into Web Services
How to Turn a Web Strategy into Web Services
 
Static Site Generators - Developing Websites in Low-resource Condition
Static Site Generators - Developing Websites in Low-resource ConditionStatic Site Generators - Developing Websites in Low-resource Condition
Static Site Generators - Developing Websites in Low-resource Condition
 
Looking to the Future
Looking to the FutureLooking to the Future
Looking to the Future
 
Looking to the Future
Looking to the FutureLooking to the Future
Looking to the Future
 
Developing Communities of Practice
Developing Communities of PracticeDeveloping Communities of Practice
Developing Communities of Practice
 
How to train your content- so it doesn't slow you down...
How to train your content- so it doesn't slow you down... How to train your content- so it doesn't slow you down...
How to train your content- so it doesn't slow you down...
 
Grassroots & Guerrillas: The Beginnings of a UX Revolution
Grassroots & Guerrillas: The Beginnings of a UX RevolutionGrassroots & Guerrillas: The Beginnings of a UX Revolution
Grassroots & Guerrillas: The Beginnings of a UX Revolution
 
Connecting Your Content: How to Save Time and Improve Content Quality through...
Connecting Your Content: How to Save Time and Improve Content Quality through...Connecting Your Content: How to Save Time and Improve Content Quality through...
Connecting Your Content: How to Save Time and Improve Content Quality through...
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 

Institutional Web Management Workshop 2008: Form Design Debate

  • 1. Institutional Web Management Workshop 2008: The Great Debate Coping with Forms: Implementing a Web Form Management Application Dan Jackson, City University
  • 2. “ FORMS SUCK. WE SHOULD ACT ACCORDINGLY.” ‘ Web Form Design: Filling in the Blanks ’, Luke Wroblewski, Rosenfeld Media, 2008
  • 5. Improving your forms CAN make a difference. Jared Spool . One form. - Increased the number of customers making purchases by 45%. - Boosted revenue by $300m over the first year.
  • 6. Forms can have a BIG impact, both positive & negative. We need to pay more attention to how we develop and manage our forms.
  • 7. Problems: There are lots of forms. Form development is time-consuming. Form development is difficult. Sometimes our clients aren’t sure what they want! http://www.flickr.com/photos/b-tal/163450213/
  • 8.
  • 9. Security problems It’s EASY to make an insecure form, & there are LOTS of vulnerabilities out there. Reproduced with permission of WASC, http://www.webappsec.org/projects/statistics/
  • 10. Security strategies Don’t assume that… … you can trust your users. … client-side (JavaScript) validation is enough. … hackers will test for vulnerabilities using a browser. Validate data . Both on the client-side AND server-side. Use a white-list approach to data filtering. Assume that all received data is invalid until it can be proven valid. Educate yourselves about vulnerabilities.
  • 11. Security strategies Scan your existing forms. Test forms for vulnerabilities while in development. Employ a reusable library or framework of server-side code. Build security into your development lifecycle .
  • 12. Spam: the CAPTCHA conundrum Most people use CAPTCHA to prevent spam. BUT... CAPTCHA is notoriously inaccessible. CAPTCHA can be circumvented. CAPTCHA has been discredited. “ Just like DRM, CAPTCHA systems ultimately fail to protect against the original threat, while simultaneously inconveniencing ordinary users.” ‘ Beyond CAPTCHA: No Bots Allowed!’, http://www.sitepoint.com/article/captcha-problems-alternatives, viewed 04/07/08)
  • 13. Spam strategies 1. Authentication. 2. Centralised sign-on. 3. Sessions. 4. Spam filtering & heuristic testing.
  • 14. Accessibility, Usability, Design problems Forms are often long, confusing, badly designed AND painful to complete. There are LOTS of design questions to tackle. How should I chunk up my form? What are the right field types to use? Where do I place my input field labels? Should I provide field hints? Where do I place primary & secondary actions? Where do I place error messages?
  • 15. Accessibility, Usability, Design strategies You Must Buy This Book. Web Form Design: Filling in the Blanks Luke Wroblewski; Rosenfeld Media, 2008.
  • 16. Accessibility, Usability, Design strategies Forms should be: Clear Is the purpose of the form obvious? Are the labels helpful? Are error messages clear? Is the layout good? etc. Concise ‘ Do we really need to ask this question?’ Clever Help direct users around the form; skip irrelevant questions. Contextual Tell users why certain questions are asked, especially when you’re asking for personal data. http ://formulate.com.au/articles/what-makes-a-good-form/ , visited 15/07/08
  • 17. Accessibility, Usability, Design strategies Be nice! Use natural language. Try to organise your form as a conversation rather than an interrogation . Design from the ‘outside in’, not ‘inside out’. Forms shouldn’t be a simple mirror of the fields in our database records; we need to look at our forms from the perspective of our users. Don’t construct unnecessary barriers. If a student wants a prospectus, why make her register? http://www.flickr.com/photos/martigras/2383422487/
  • 18. Accessibility, Usability, Design strategies Visual Clarity Visual path to completion. Make your forms easily scannable. Fieldsets are your friend. Organising your forms into logical groups aids scanning & completion. Communicate error & success messages clearly. Hide irrelevant form controls. Figure 3.4 from Web Form Design: Filling in the Blanks by Luke Wroblewski; Rosenfeld Media, 2008. http://www.rosenfeldmedia.com/books/webforms/
  • 19. Accessibility, Usability, Design strategies Coding Careful with that JavaScript. DO use for data validation, enhancing the user experience, providing users with information. DON’T make the completion or submission of a form dependent on JavaScript. Test your forms as you would a site redesign. Think about bug fixing, site analytics, usability testing. Centralise your code. Maintain a central repository of reusable form components. Accessible XHTML templates/snippets, CSS, JavaScript, server-side functions.
  • 20.
  • 21. Legal strategies Transparency is key. Tell your users what your policies are & what you plan to do with their data. Provide them with the chance to opt-in/out of mailings where relevant. Control. Control how your form data is stored, accessed and used. Don’t store data for longer than required. Draw up standard notices “ Personal data in this form may be used only in accordance with City University’s notification under the Data Protection Act 1998 and in compliance with the Freedom of Information Act 2000. Further details in relation to the use of personal data can be found on the University’s web site www.city.ac.uk/dataprotection . Any queries concerning Data Protection and Freedom of Information should be addressed to the Head of Information Compliance and Policy.” Get advice.
  • 22. The Process: problems Agreeing on the contents of a form can be difficult. Everyone wants a say (marketing, technical, legal, departmental, etc). “ What’s this form for?” It can be hard to establish what the organisational goals of the form are. Why is this form needed? What information do we need? http://www.flickr.com/photos/colbycosh/2266583598
  • 23.
  • 24. The Process: strategies cont. 3. Design / development. 4. Testing checkpoint. Security, usability, accessibility. 5. Information Compliance. 6. Manage data.
  • 25.  
  • 26. Useful links http://phpsecurity.org/ch02.pdf - Essential PHP Security Chapter 2 – Forms and URLs http://formulate.com.au/ - Formulate Information Design. Useful articles about form design. http://www.sitepoint.com/article/captcha-problems-alternatives - Excellent summary of CAPCTHA debate. http://www.lukew.com/ff/index.asp - Luke Wroblewski’s form & general usability site.