Thanks for all of your feedback on our “Isolating sites and multiple online
identities
<
https://groups.google.com/forum/#!topic/mozilla.dev.privacy/XQza_CmYDr4>”
thread.
Fast forward two months, we’ve collaborated with Aislinn Grigas to conduct
a user research session.
Our goals were twofold:
1. Learn about our user’s methods to manage multiple accounts
2. Test account switching using an add-on
<
https://getmultifox.com/allaccounts/> that works similarly to our
existing design
The research findings and next steps can be read here:
https://mozilla.box.com/s/3qvwn74hmesoogbdz1zveq9ewhd04tqw
This morning, we (Aislinn, Steve, Tanvi, Javaun and I) talked about two
possible angles to package our site isolation and multiple identities
feature.
One focused mainly on *convenience*: can we reduce the time that you take
to switch between accounts from 20–30 seconds down to 2–3?
One focused mainly on *privacy*: can we align private browsing with user
expectation for it to be meaningfully more private than regular browsing?
*Convenience*
<
https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers>
I want to switch between multiple accounts to the same website as fast and
simply as possible.
- Potential solution: switch between accounts in the same tab
- We switch cookies on toggle, but can only show one set of cookie at
a time
- Great addition to password manager
- Interim solution before container lands, which will allow us to
open many accounts simultaneously on different tabs
- Challenges:
- Under the current interim solution, it will be easy to switch
between account, but user can only open one account at a time
- Challenge when storing non-cookies objects? IndexedDB, etc.
- Migrating from current solution to future solution will be tough
*Privacy*
<
https://wiki.mozilla.org/Security/Contextual_Identity_Project/Private_Session>
I want private browsing to be meaningfully private. I don’t want sites I
browse privately to track me.
- Potential solution: enhance private browsing to be even more private
- Each private window invokes a new session
- Each link opened from that window stays the same session
- Learnings can be applied to future container account switcher
product
- Challenges:
- Many different possible models to choose from:
- Each window is its own session (current design)
- Each tab is its own session (a la Safari 8 on Yosemite)
- Each site is its own session (a la Multifox/AllAccounts)
- Child’s session inherits parent’s (even if child is opened in
new tab or window)