Mobile/Projects/Firefox Accounts with Sync 1.1 integration: Difference between revisions
Line 141: | Line 141: | ||
2.Users can link to the Privacy Policy form the “Create Account” page | 2.Users can link to the Privacy Policy form the “Create Account” page | ||
3.Both the ToS and PP will open in New Tabs if clicked | 3.Both the ToS and PP will open in New Tabs if clicked | ||
4.A user may accept or decline the ToS and/or PP | |||
5.If a user declines the FxA creation flow is stopped | |||
6.If a user accepts, the FxA creation flow continues | |||
10. As a user, after I have verified my email address I want to be able to access my Sync Preferences so that I can choose what data I want to share across clients and begin syncing | 10. As a user, after I have verified my email address I want to be able to access my Sync Preferences so that I can choose what data I want to share across clients and begin syncing |
Revision as of 23:40, 3 January 2014
Goals
The goal of this MVP release is primarily to provide an easy way for users to replicate their Firefox browser experience across any desktop, mobile or tablet screen. Broken down, this includes:
- Introducing "Firefox Account" to Android users
- Providing a much-improved mechanism for sign-up and sign-in to a functional sync experience
- Objective: reduce barrier to entry to sign-up to use sync functionality
- Objective: reduce number of failed attempts in setting up the account
- Utilise the current sync service as the first valuable service attached to Firefox Accounts
The underlying tactics to achieve these goals are to:
- Integrate Firefox Accounts with the Current Sync (v 1.1) service
- Improve the sign-up and sign-in flow for sync via Firefox Accounts (username & password)
- Promote sync in-product and in product marketing materials
- [for discussion - requires data] Migrate a majority of existing Sync users to this new service. Dependent on:
- Number of users impacted
- Marketing & communications support (for any migration approach)
- Engineering feasibility (for any migration approach)
- Only ONE flag day is allowed
- Applicable for current users of sync and new users of Firefox Accounts integrated with current sync
- ie when 'new sync / sync 2.0' is available, no user action must be required
Non-goals
- Simultaneous syncing across existing sync account with Firefox Account
- No support in syncing over reading lists or any home page management
- No support for syncing add-ons between Desktop and Firefox for Android
- No support for syncing of FxOS data types (including browser information)
- No support for syncing Marketplace data types
- No explicit UX in Firefox for Windows 8 Touch (metro) - only classic Desktop will contain the UX for Firefox Account and Sync management
Common MVP - requirements
General
- Users can create a Firefox Account
- Users can delete their Firefox Account
- Firefox Account will enable the current Sync (v1.1) service
- Users can sign in to their Firefox Account
- Users can sign out of their Firefox Account
- No support for federated accounts (although it is understood persona may be leveraged)
- Current sync functionality must be supported, with the following being must-haves:
- Bookmarks must be synced, with no requirement to manage bookmarks from the non-originating
- History must be synced (to make the awesomebar relevant) using the current sync algorithm for number of days we sync
- Passwords must be synced to make the mobile experience that much tighter
- Security standards must be adhered to in order to protect my saved passwords during syncing
- Add-ons must be synced between desktop machines only
- ?? 'Clearing Private Data' in the Settings menu results in a new UX flow that educates users on what this means when a user has a Firefox Account that enables sync
- Give the choice to either delete : A) session data from 'my FxA that enables sync' so that it doesn't get synced across (and back again); or B) all of my data from 'my FxA that enables sync' ??
- 'Sync' as a name remains unchanged in the UI or corresponding materials
Set-up & Account Management
- When a user first installs Firefox,a prompt will be presented to create a Firefox Account to enable Sync
- Creation of a Firefox Account is via username (email address) and password
- Present to the user what data will be synced and how this relates to their Firefox experience
- ?? If possible, provide an option for which sync data types can be synced if the user wishes to customize that is applicable at the Firefox Account level and NOT on a per-device level [as a nice-to-have] ?? - mismatch between desktop & Fennec?
- Users must not be forced to set up a Firefox Account if they either wish to defer the setup experience or never sign up at all. In this case, the user must be able to continue using the browser as expected, but without any benefits to having a Firefox Account
- ?? Users with an existing current Sync account must still be able to continue using their sync account and handle their sync settings from their connected devices for a transition period (minimum 3 months from when outbound communication has begun) ?? - part of migration strategy?
- Users must be able to change their Firefox Account passwords
- Users must be able to reset their Firefox Account passwords
- For users who have not signed up to Firefox Account upon initial install, they may be notified or prompted to set one up in order to enable Sync
- For users who have not signed up to Firefox Account upon initial install, they must be able to initiate and complete the process from somewhere in the Menu
- To support in-product promotion, a snippet must be able to point to a Firefox Account creation page for users who do not yet have a Firefox Account to enable Sync
Existing sync
- By setting up Firefox Account on a desktop or Android device, users expect the sync experience to propagate across all attached instances where Firefox Account signed-in and used; including bookmarks, history (awesomebar results), passwords, ability to send open tabs, add-ons [between desktop instances only]
- Frequency of syncing should remain the same when we transition to the new account creation model
Detaching Sync
- If a user wants to disable or delete their Firefox Account from a particular desktop or Android device, data previously synced should still remain on other instances where Firefox Account is active
- If a user wants to disable or delete their Firefox Account from a particular desktop or Android device, data should be preserved locally so that 'sync' stops, but the browser's current behaviour does not change from when sync stopped
Security/Encryption
- It is expected that synced data is encrypted securely along with their Firefox Account password
- Security defaults should be moderate, with higher-level security options available for users who wish to emulate current sync security defaults
- Stored website passwords should be kept, at default, at a higher security level (irrecoverable) than bookmarks and history (recoverable)
- Therefore by default, users must be able to recover their bookmarks and history if they have lost or forgotten their password, but it is expected that they will not be able to recover their website passwords
Performance & Stability
- In the event of service interruption to Sync, this must have no impact with current use of the browser
- In the event of service interruption, all data that should be synced will sync once service is restored in a way that is seamless to the user and without degradation to browser usage
Desktop MVP - contextual user stories
1. As a Firefox user, I want the functionality of Sync to remain the same in every respect once a Firefox Account based registration scheme replaces the crypto-based registration scheme so that I can continue to experience the same benefits from Sync in the future as I do today.
Acceptance criteria 1. Any data that is syncable in current Sync will be syncable when we introduce accounts 2. Any choices a user has to customize current Sync will be available when we introduce accounts 3. A user will not detect any difference in performance of Sync today and performance of Sync after we introduce accounts
2. As a user currently who uses Sync, I want to migrate to a Firefox Account, so that I can take advantage of an easier way to sign-in for Sync and future services offered by Mozilla.
Acceptance criteria 1.When we launch Firefox Accounts, any user who had been using Sync will find that their Sync is no longer working 2.Sync will cease to work until this user has created signed-up for Sync again via their Firefox Account
3. As a product owner, I want to be able to tell users who had been using Sync that their Sync is no longer functioning so that they understand why it is no longer working.
Acceptance criteria 1.At every point of entry for Sync sign-up after we launch Accounts, a user who had been using Sync will see a message in the UI that communicates that we know they were using Sync and that to continue using Sync they will have to sign-up again. 2.This tailored message will appear on every point of entry until this user signs up for Accounts based Sync.
4. As a user I want to be able to change or reset my password so that I can continue to use Sync even if I forget my Firefox Account password.
Acceptance criteria 1.A user can access Firefox Account settings in the Preferences menu 2.A user can choose to change or reset their password from the settings
5. As a user, I want to be able to sign-out of my Firefox Account so that I can decide to stop Syncing data on a particular client.
Acceptance criteria 1.A user can sign-out of her Firefox Account 2.After the user has signed out of an account on a given client, no data will be shared with or from that client 3.A user can sign-out by clicking on the “signed-in-state” Firefox toolbar icon 4.A user can find an option to sign out in the Firefox Account settings in the Preferences menu
6. As a user, I want to create a Firefox Account so that I can use Sync to trade data across my Firefox clients.
Acceptance criteria 1.A user can create a Firefox Account 2.A user can use their own email address and password of their choosing to create and account 3.A user can login to their Firefox Account using their email address and password 4.These login credentials will be securely encrypted
7. As a user, if I am prompted to set-up Sync, I want the option to defer so that I can choose to use Firefox without creating a Firefox Account.
Acceptance Criteria 1.If a user is prompted to set-up Sync, he can choose not to 2.If the user wishes to set-up Sync at a later time, he can.
8. As a product owner, I want to send a verification email to each email address provided by an account creator so that I can provide necessary notifications to the user in the future
Acceptance critera 1.Users will receive a verification email after they submit their email address and password 2.Users can click a link in the email to verify their email address 3.After they have verified their email address they can log in to their Firefox Account 4.I need some time with the team to discuss our options for the flow after the email is verified.
9. As a user, I want the option to review the ToS and Privacy Policy so that I can make sure I’m comfortable providing my information to Mozilla.
Acceptance criteria 1.Users can link to the ToS from the “Create Account” page 2.Users can link to the Privacy Policy form the “Create Account” page 3.Both the ToS and PP will open in New Tabs if clicked 4.A user may accept or decline the ToS and/or PP 5.If a user declines the FxA creation flow is stopped 6.If a user accepts, the FxA creation flow continues
10. As a user, after I have verified my email address I want to be able to access my Sync Preferences so that I can choose what data I want to share across clients and begin syncing
Acceptance criteria 1.Users can access Sync Preferences after they have verified their account 2.Users can choose to “Start Syncing” from the Preferences page 3.Users can select to share “Everything” and will begin syncing all possible data 4.Users can further customize what they want to share by selecting from the following list *Bookmarks *History *Passwords *Tabs *Add-ons (b/w Desktops only) *Preferences (b/w Desktops only)
Firefox for Android MVP - contextual user stories
Set-up & Account Management
- As a Firefox for Android user, I want the option of setting up a new Firefox Account when I first install Firefox, so I can sync my browser data between my devices.
- As a user, I want a way to clearly understand what data Sync is actually Syncing, what that data means in terms of my browser functionality, and what happens to that data when I have logged out of my Firefox Account.
- As a user, I want to set up a Firefox Account using an email address and password of my choice, so I am not required to use any particular third-party sign-in service - I am comfortable using an email address of my choice for this purpose.
- As a user, I don't want to be forced to create a Firefox Account when I first start using Firefox, so I can start using the browser as quickly as possible once I've downloaded and installed it.
- As a user, I want all of my data (history, bookmarks, etc.) to be saved on my local machine whether or not I've set up a Firefox Account, so I am still able to build up a collection of data and personalize my Firefox experience over time.
- As a user, I want to be able to change the password for my Firefox Account data from any device that allows me to sign into my Firefox Account, so if someone does steal my laptop or other mobile device they won't be able to access any new data that is added to my Sync Account, even though they will be able to access the data that had been previously synced and is local on the device.
- As a user, I want to be able to reset the password for my Firefox Account data from any device that allows me to sign into my Firefox Account, so I can continue using my Firefox Account even if I have forgotten my password.
- As a user, I want to be prompted to create a Firefox Account when I first install my browser, but I want it to be easy to dismiss that prompt either forever (so I don't get bothered again), or to be reminded again later in a day or two (so I remember to look at it in more detail another time). I also want it to be very easy to get more details about what a Firefox Account is and why I would want it before I go through the process of creating one.
- As a user, I want to be able to go into a settings menu to create my Firefox Account, so that I can set up it up in my own time.
- As a user, when I select 'Clear Private Data' in my browser, I need to be educated on what my choices are in how it relates to my Sync functionality so that I don't inadvertently have the wrong expectations about its behaviour.
Core existing sync user stories
- As a user, I want to be able to pick up any new device and replicate my Firefox experience so I don't have to repeat a bunch of work I've already done on another device or computer.
- AWESOMEBAR & HISTORY - As a user with several devices, I want my core Firefox experience to be available on all devices, so I don't have to spend a lot of time rebuilding my awesomebar experience or other personalizations on each. (Equal to whatever parity with current Sync is in terms of # of days of history.)
- PASSWORDS - As a user, if I have typed in and stored a password in Firefox on one device or computer, I don't want to have to type and store that password again on any of my other devices so my web accounts & passwords are magically available on all of my devices (especially important so I don't make typing mistakes on my mobile and become frustrated!).
- OPEN TABS - As a user, I want the option of syncing my tabs from other devices so I can pick up where I left off when I switch to another device. (current Sync behaviour). NB: not married to this use-case for MVP.
- BOOKMARKS - As a user, I want all of my bookmarks to be synced across my devices, although I don't expect full bookmark management tools on mobile devices. Any bookmarks I create while on mobile devices should be put into a single "Mobile" (or similar) folder which is then synced. Desktop bookmark organization & behaviour should not change and vice versa.
- As a user, I expect Firefox Sync to sync my data relatively frequently, but not instantly.
Detaching Sync
- As a user, I want to be able to stop Syncing to preserve data costs on my mobile, but be able to preserve the ability to sync when I resume syncing again.
Security/Encryption
- As a user, I expect Firefox Sync to securely encrypt all my Firefox server data with my Firefox Account password.
Performance & Stability
- As a user, in the event of Sync service interruptions, I expect to be able to use my browser and previously-synced local data as normal, even if Firefox cannot access the Sync servers for an extended period of time.
Migration
Strategy
- We want to encourage existing Sync users to migrate to a Firefox Account, without harming the experience of users who aren't ready to move for a minimum period of 3 months from when outbound communication has begun.
- There must be overlapping support for current sync account who haven't signed up to Firefox Account and to the new Firefox Account & sync v1.1 for a minimum period of 3 months from when outbound communication has begun
- As feasible, we want to encourage existing sync users to sign up to a Firefox Account
- User data is preserved (same sync) but the sign-in process will differ, including security defaults
- If this is NOT feasible, we must not promote any in-product snippets to existing sync users until we can ensure good migration is supported
Migration mechanism
- Detect specific states.
- Non-email Sync account name. No migration possible.
- Single device. Encourage migration! No partitioning possible!
- Self-hosted. Offer to migrate to Mozilla's system if there's no locked pref to indicate that that's not desirable, provide docs to support continued self-hosting, inform the user of decommissioning plans so they can make an informed choice.
- Offer to set up a new Firefox Account using their same email address. Enter the normal account setup flow, which will take care of email verification. Don't reuse the password -- it's gone over the wire, many users won't remember it, and it's probably neither strong nor memorable.
- Preserve data syncing preferences, also allowing user to make new decisions at this point.
- Write decommissioning sentinel into the old Sync account. (bug 895526, bug 895518.)
- Disable or delete local Sync.old account.
- Clean up local prefs for sanity.
- Configure to intercept old account hooks e.g., Send Tab intents.
Open questions, issues and action items
Please strikethrough when complete. Thanks!
Who owns Firefox Accounts & Sync from a product marketing perspective- [eric] is the assumption since he is handling Firefox product marketing currently (although he's brand new :) )Who will handle the SUMO articles, etc (respective product lines?)- [roland] Ibai's Garcia team (probably Michael Verdi + new hire who starts in Jan 2013) will write all required SUMO Sync articles on all products; Roland Tanglao will be reviewer and approver for Android SUMO sync articles- Will each QA contact within each product line be responsible for testing Firefox Accounts & Sync behaviour? - [Tauni] talking to QA
- Any implications relating to FxOS support in terms of Firefox Accounts flows or behaviour? - We all assume not, but needs to be verified.
- Any implications relating to FxOS support in terms of existing Sync behaviour? - Need confirmation of FxOS FxA timing, roll-out and support plans to manage use-cases of one Firefox Account across non-FxOS and FxOS screens
- Do we gain any time by not supporting 'send open tab' or any other current sync feature?
- Need data to understand:
- How many sync users are Android users
- How many of the Android sync users are daily users
- What, in majority, are they syncing
- Do we have data on failed sign-up attempts
- How many users 'send open tab'
Change security defaults to allow recovery of bookmarks and history at a minimum if a user forgets their password, with the ability to provide optional, higher-security measures in the sync settings for those users who wish to upgrade their security at the expense of irrecoverable data- requirement deferred to next iteration of sync when the security model can be modifiedModifications to the security defaults and inclusion of optional, higher-security measures- requirement deferred to next iteration of sync when the security model can be modified
[old mvp bug tracking]
- Sync MVP bug tracking
- Bugs may still be relevant, so just keeping here for the moment until they can be flushed out as needed or not