Title

Goals

2.1 Document the status quo

2.2 Relevance of security information

2.3 Consistent presentation of security information

2.4 User awareness of security information

2.5 Reliable presentation of security information

Overview

Anti Patterns

Recommendations

  1. Allow technical users to access details of the error in a secondary user interface (UI), but hide them in the primary UI.
  2. Primary UI security context indicators should not reflect the specific error, but should simply indicate a failure.
  3. Confine technical jargon to the secondary UI.
  4. When the user is asked to make a decision, explain the risks of each option presented.
  5. Do not refer the user to the destination URL or domain for assistance.
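
One way to enforce the five recommendations above in a user agent's test suite, as an added example that is not part of the original document: an error is split into a primary and a secondary view, and a lint reports which recommendations a primary view breaks. All names (`buildViews`, `lintPrimary`, the jargon list, the sample error and host) are hypothetical and constructed for illustration.

```javascript
// Added example; every name here is hypothetical.
const JARGON = /\b(certificate|TLS|SSL|X\.509|OCSP|cipher|handshake)\b/i;

// Constructed sample error, shaped as a TLS stack might report it.
const sampleError = {
  code: "CERT_EXPIRED",
  detail: "X.509 certificate notAfter 2024-01-01T00:00:00Z is in the past",
  host: "shop.example",
};

// Split one error into a primary view (generic) and a secondary view (details).
function buildViews(err) {
  return {
    primary: {
      indicator: "failure", // item 2: identical for every error
      message: "This site's identity could not be confirmed.",
      options: [ // item 4: each choice states its risk
        { label: "Go back", risk: "None. You leave the page." },
        { label: "Continue anyway",
          risk: "Someone else may read or change what you send and receive." },
      ],
      help: "For help, open your browser's built-in help.", // item 5
    },
    secondary: { code: err.code, detail: err.detail, host: err.host }, // items 1, 3
  };
}

// Return the list of recommendations a primary view violates.
function lintPrimary(primary, err) {
  const problems = [];
  const options = primary.options || [];
  const texts = [primary.message, primary.help,
    ...options.flatMap((o) => [o.label, o.risk])].filter(Boolean);
  if (primary.indicator !== "failure") problems.push("indicator reflects specific error");
  if (texts.some((t) => JARGON.test(t) || t.includes(err.code)))
    problems.push("jargon or error code in primary UI");
  if (texts.some((t) => t.toLowerCase().includes(err.host.toLowerCase())))
    problems.push("refers user to destination");
  if (options.some((o) => !o.risk)) problems.push("option without risk explanation");
  return problems;
}
```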

Dependencies

Use-cases

Expected User behavior

Disruption

References