[geeklog-devel] A few observations and ideas from our local Webmontag

Tue May 14 20:25:57 EDT 2013

1) Maybe it is the Geek in me but I would probably only use it for making
quick corrections. Maybe it is time though to think  more on this since we
are planning to drop the FCK Editor and move to CK Editor. A quick search
shows that the CKEditor does have inline Editing (HTML 5).

2) Makes sense since that is how I scan most things. I still think the right
column can work on sites that use them for the less important blocks
(especially for returning users who know where to look for certain
information)

3) Definitely a chance to improve security that isn't difficult to code.
Having the option to choose a new root user name is a good idea. We should
also probably recommend that Admins should have an alternate user name with
less security clearance to use when posting new articles, etc... Another way
to do this would be to have a display name (for display purposes) and a
separate username for logging in (or for normal Geeklog accounts have them
use the email address to login)

Tom

-----Original Message-----
From: geeklog-devel-bounces at lists.geeklog.net
[mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of Dirk Haun
Sent: May-14-13 2:00 PM
To: Geeklog Development
Subject: [geeklog-devel] A few observations and ideas from our local
Webmontag

A few things I picked up at a local event yesterday that may be worth
considering:

1) Inline editing

One presenter claimed that pretty much all of the CMS are going to move to
inline editing in the near future, i.e. the ability to edit content right
where it is on the page. The main reasons he mentioned are having a "real"
preview of what you're typing (complete with a nice demo of editing a tilted
text, right there on the page). Plus it's supposed to be easier for
non-technical users.

Of course, when you start thinking about this, it's not as easy as it may
sound at first. You could integrate, say, Aloha Editor into Geeklog in a few
hours, but proper inline editing requires a whole new approach in a few
places. Most notably: How do you add new content, e.g. an article, in the
first place?

2) The big F (no, not that one ;-)

A little theory/research, that I wasn't aware of: Apparently, most people
scan a website in the shape of an uppercase F: They scan the top from left
to right, then go down on the left side with occasional scanning into the
middle of the page - but not as far as at the top. So this pattern vaguely
looks like an F.

The point is: If you have important stuff on the right, like a menu, people
may not notice it. Something to consider, especially when going for a
two-column layout with the navigation on the right side.

3) The role of usernames in website security

One presenter suggested that people hide their username on their website,
since it's part of the login. I.e. to log in, you need both the username and
the password - but we usually give the username away. Now if you had a
non-obvious, non-visible login name, that would increase security somewhat.

Related: In the recent attacks againstWordPress blogs, it was pointed out
that the attacks were targeting a default admin username (simply "admin", I
think), but that WordPress has long had an option to choose a different
username at install time. This obviously goes in the same direction.

I see some potential here to improve our security. What do you think?

bye, Dirk

-- 
http://www.themobilepresenter.com/

_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://eight.pairlist.net/mailman/listinfo/geeklog-devel