People forget passwords, and TWiki has no exception, particularly when users rarely log in to TWiki (mainly browsing not contributing). This is a significant usability and TWiki adoption issue - see HowToGetInternalBuyInForTWiki
for one example.
(A related problem is GettingTheUsernameWrong
, which does have an easy solution.)
There are some approaches to fixing the password-forgetting problem e.g. the IE5 and Mozilla password-remembering features - however, most people seem not to use this, even when it's mentioned on the registration page, and there are inherent security risks in such a system. A stronger approach is to re-use some existing authentication that is already done outside TWiki, e.g. logging on to a file server, or some local 'single sign-on' system.
Some sites (e.g. DrKW
) have leveraged single-signon through use of browser-based per-user certificates
(used to log in via an SSL webserver and authenticate certificates - see TWikiPluginAPIForIdentification
) - this is reasonable if you are using certificates for other reasons, but most companies probably aren't. Others have done something similar with the SiteMinderPlugin
A low-tech solution
- always have an in-person induction session with new TWiki users, even if it's on the phone and
- walk them through registration and first login so that
- they check the 'Save Password' box on InternetExplorer or MozillaBrowser.
This has some added benefits, as it also lets you familiarise them with TWiki basics and help them create their home page.
-- Contributors: RichardDonkin