next up previous
Next: Conclusions Up: How can things be Previous: Make the interface clear

Make access the user's choice

Once the user can tell what security settings are available, they should have the choice of changing them. The user should have the choice of allowing programs, websites, etc. to have privileges, (For example, allowing javascript to run only for certain websites) and these should be granted explicitly.

As Norman suggests [Norman, 1988], it should be easy for the user to change his or her mind once an action has been taken. This needs to include revoking access that a user has granted intentionally in the past, as well as simple mistakes.

Terri 2004-01-05