SecurityAndPrivacySettings

Differences between revisions 52 and 53
Revision 52 as of 2014-10-28 13:40:59
Size: 14277
Editor: mpt
Comment: + ability to unlock a SIM from within System Settings (bug 1378883)
Revision 53 as of 2014-10-28 13:48:15
Size: 14022
Editor: mpt
Comment: replace success text notification bubbles with simpler checkmark in the action button
Deletions are marked like this. Additions are marked like this.
Line 96: Line 96:
 * None of these dialogs need [[#success-text|success text]], because success is shown by the list selection changing.
Line 106: Line 105:
 * The dialog should have [[#success-text|success text]] “The passcode has been changed.” or “The passphrase has been changed.”.
Line 140: Line 138:
   * [[#success-text|Success text]] “The SIM PIN has been changed.”.
Line 168: Line 165:
  1. <<Anchor(success-text)>>If the action succeeds, the dialog should close, and the '''success text''', if any, should appear as a notification bubble.   1. <<Anchor(success-text)>>If the action succeeds, the “Cancel” button should become insensitive, the main action button’s label should be replaced by (./) a green checkmark, then after two seconds the dialog should close.

Contents

  1. PC
    1. “Security” tab
    2. “Files & Applications” tab
    3. “Diagnostics” tab
  2. Phone
    1. Locking
    2. SIM PIN
    3. Common behavior for “Phone locking” and “SIM PIN” dialogs
    4. Location access
    5. Diagnostics

PC

System Settings should have a “Security & Privacy” panel.

“Security” tab

security.png

TBD

“Files & Applications” tab

files-applications.png

clear-usage-data.png

“Diagnostics” tab

diagnostics.png

The “Diagnostics” tab is described in detail at ErrorTracker. (If there is any difference between this sketch and that one, believe that one.)

Phone

security-privacy-access.phone.png

The main System Settings screen should have a “Security & Privacy” item.

phone-security-privacy.png

“Lock phone” should navigate to the “Phone locking” screen.

“SIM PIN” should navigate to the “SIM PIN” screen.

Whenever “Launcher” is off, the other “When locked, allow:” options should be off and insensitive. Whenever “Launcher” is turned on, those other options should return to their previous values.

When “Stats on welcome screen” is off, the infographic on the welcome screen should not use any personal data.

When “Messages on welcome screen” is off, SMS and other messages should not be displayed on the welcome screen.

“Location access” should navigate to the “Location” screen.

“Other app access” should navigate to the “Other app access” screen.

“Diagnostics” should navigate to the “Diagnostics” screen.

Locking

lock-access.phone.png

On the “Security & Privacy” screen, “Lock phone” should have the summary value “Manually”, “After 1 minute”, “After 2 minutes”, etc.

phone-security-privacy-locking.png

phone-security-privacy-lock-security.png

phone-security-privacy-idle.png

On the “Lock phone” screen, the “Lock security” setting should be summarized as “None”, “Passcode”, or “Passphrase”. The “Lock when idle” setting should be summarized as “Never”, “1 minute”, “2 minutes”, etc. A discussion of protections against tampering and data theft can be found in ProtectingUserData.

Whenever “Lock security” is set to “Swipe (No security)”:

  • The caption on the “Lock when idle” screen should not include the “Shorter times are more secure.” sentence, instead saying only “The phone won’t lock during calls or video playback.”.

  • Encryption” should be off and insensitive.

  • All the “When locked, allow:” options should be both on and insensitive, and the caption should read “Turn on lock security to restrict access when the phone is locked.”. If “Lock security” is later set to another value, the “When locked, allow:” options should both become sensitive and return to their previous values.

Otherwise, whenever encryption is on, all the “When locked, allow:” options should be both off and insensitive, and the caption should read “Encryption prevents storing information while the phone is locked.”. If encryption is later turned off, the “When locked, allow:” options should both become sensitive and return to their previous values.

phone-security-privacy-lock-security-switch-swipe.png

phone-security-privacy-lock-security-switch-passphrase.png

All “Unlock the phone using:” options, except the current one, should end with an ellipsis, because switching between any two will involve further input in the form of a dialog with common dialog behavior: “Switch to Swipe”, “Switch to Passcode”, or “Switch to Passphrase” as appropriate.

  • If switching from passcode, the dialog should begin with a “Current passcode:” field, with possible error text “Incorrect passcode. Try again.”.

  • If switching from passphrase, the dialog should begin with a “Current passphrase:” field, with possible error text “Incorrect passphrase. Try again.”.

  • If switching to passcode, the dialog should end with “Choose new passcode:” and “Confirm new passcode:” fields. The latter should have possible error text “Those passcodes don’t match. Try again.”.

  • If switching to passphrase, the dialog should end with “Choose new passphrase:” and “Confirm new passphrase:” fields. The latter should have possible error text “Those passphrases don’t match. Try again.”.

  • If switching to swipe, the dialog should have “Cancel” and “Unset” buttons. In all other cases it should have “Cancel” and “Set” buttons.

phone-security-privacy-lock-security-passphrase-change.png

Whenever “Unlock the phone using:” is set to passcode or passphrase, the list of options should be followed by a “Change Passcode…” or “Change Passphrase…” button respectively. Choosing it should open a “Change Passcode” or “Change Passphrase” dialog.

  • The “Current passcode:”/“Current passphrase:” field should have possible error text “Incorrect passcode. Try again.” or “Incorrect passphrase. Try again.”.

  • The next field should be “New passcode:”/“New passphrase:”.
  • The “Confirm new passcode:”/“Confirm new passphrase:” field should have possible error text “Passcodes don’t match. Try again.” or “Passphrases don’t match. Try again.”.

SIM PIN

sim-pin-access.phone.png

On the “Security & Privacy” screen, “SIM PIN” should have the summary value “Off” or “On” if there is one SIM. If there are two SIMs, it should have the summary value “Off”, “1/2”, or “2/2”.

The contents of the “SIM PIN” screen should depend on the number of SIMs:

sim-pin-section-off.phone.png

sim-pin-section-locked.phone.png

sim-pin-section-unlocked.phone.png

A SIM PIN section should consist of:

  • If there is more than one SIM, to show which one this is, an introductory label consisting of the SIM ID followed by a colon.

  • A “SIM PIN” switch, reflecting whether the SIM PIN is active (regardless of whether it is locked or unlocked). Whenever you turn the SIM PIN on, if a PIN was recorded already, an “Enter Previous SIM PIN” dialog should appear, with a PIN field, “Cancel” and “Start Using PIN” buttons, and the common dialog behavior. And whenever you turn SIM PIN off, an “Enter SIM PIN” dialog should appear, with a PIN field, “Cancel” and “Stop Using PIN” buttons, and the common dialog behavior. In both dialogs, the field should have initial caption “{N} attempts allowed.”, changing on error to the error text “Incorrect PIN. {N} attempts remaining.”. If you cancel, the SIM PIN should remain in its previous state.

  • Whenever “SIM PIN” is on, a static item showing whether the SIM is “Unlocked” or “Locked” (bug 1378883).

    • Whenever it is locked, at the trailing end should be an “Unlock…” button that opens an “Unlock SIM” dialog with a PIN field, “Cancel” and “Unlock” buttons, and the common dialog behavior. Whenever it is unlocked,

    • Whenever it is unlocked, at the trailing end should be a “Change PIN…” button that opens a “Change SIM PIN” dialog. This dialog should have:

      • A “Current PIN:” field, with the initial caption “{N} attempts allowed.”, changing on error to the error text “Incorrect PIN. {N} attempts remaining.”.

      • A “Confirm new PIN:” field, with possible error text “PINs don’t match. Try again.”.

      • The common dialog behavior.

Finally, the SIM PIN caption should differ slightly depending on whether any SIM currently has the SIM PIN turned on:

  • If not: “When a SIM PIN is set, after restarting the phone or swapping the SIM, you must unlock the SIM before making calls or using SMS or other cellular services. Entering an incorrect PIN repeatedly may lock the SIM permanently.”
  • If so: “After restarting the phone or swapping the SIM, you must unlock the SIM before making calls or using SMS or other cellular services. Entering an incorrect PIN repeatedly may lock the SIM permanently.”

Common behavior for “Phone locking” and “SIM PIN” dialogs

phone-sim-pin-previous.png

phone-sim-pin-change.png

For the “Switch to Swipe”, “Switch to Passcode”, “Switch to Passphrase”, “Change Passcode”, “Change Passphrase”, “Enter Previous SIM PIN”, “Enter SIM PIN”, and “Change SIM PIN” dialogs:

  • Whenever a passcode field does not contain exactly four digits, or a SIM PIN field does not contain 4~8 digits (the GSM PIN bounds), the main action button should be insensitive.
  • Whenever a “Confirm new…” field does not contain exactly the same number of characters as the “Choose new…” field, the main action button should still be insensitive.

  • Whenever a “Confirm new…” field does contain exactly the same number of characters as the “Choose new…” field, but the values do not match, the main action button should still be insensitive, both fields should immediately get the standard error style, and the error text should appear as a caption below the “Choose new…” field.

  • When you choose the main action:
    1. The dialog should remain open, with all its elements temporarily insensitive, while the action is attempted. If it takes more than a second, the action button’s text should be replaced by a spinner.

    2. If the “Current…” field (where present) has an incorrect value, it should then acquire the standard error style (bug 1222787), the error text should appear as a caption (also with the standard error style) below the field (pushing the rest of the dialog downward), the field should become focused, its contents should become selected, and all elements should resume sensitivity.

    3. Otherwise, if the “Choose…” and “Confirm…” fields (where present) do not match, both should then get the standard error style, the error text should appear as a caption below the second one, the first one should become focused, and its contents should become selected, and all elements should resume sensitivity.

    4. If the action succeeds, the “Cancel” button should become insensitive, the main action button’s label should be replaced by (./) a green checkmark, then after two seconds the dialog should close.

Location access

location.phone.png

The “Location” screen is described in detail at Location. (If there is any difference between this sketch and that one, believe that one.)

Diagnostics

diagnostics-access.phone.png

On the “Security & Privacy” screen, the “Diagnostics” settings should be summarized as “Sent” if any are, or “Not sent” if none are. (Both should have a translation note explaining that “sent” means that data is habitually sent, not that it was sent in the past tense.)

diagnostics.phone.png

The “Diagnostics” screen is described in detail at ErrorTracker. (If there is any difference between this sketch and that one, believe that one.)

SecurityAndPrivacySettings (last edited 2016-07-11 16:06:13 by mpt)