Design/Archive/Wikimedia Foundation Design/Login

Along with improvements to the account creation user experience, we currently plan to redesign the core MediaWiki login page for the desktop user. The mobile team is working on a simultaneous but separate mobile login experience which will be similar but architecturally separate for technical reasons.

Current
The current login pages for most Wikipedias are fairly simple, but many contain lengthy instructional material about account security, and does not always contain a very clear call-to-action for those who need to create an account rather than login. When observing users, we have regularly seen people attempt to first register on the login page, and the login page is one of the top referral pages for account creation (in English at least). While many local projects include custom content or styles, the most significant functionality difference is perhaps that most non-English login forms include links to alternative language versions of the login on their project, an option English doesn't provide.

Proposed
The proposed redesign will comply with new Wikimedia Foundation Design suggestions regarding color, button styles, typography, and more. It additionally attempts to present a clearer hierarchy of actions and information on the page, reducing MediaWiki messages where possible.

The exact elements required to be in proposed version would be limited to the following (in rough order of importance):


 * Username and password fields (to state the obvious), with in-field descriptive text.
 * A link to Special:PasswordReset ("Forgot your username or password?")
 * A call to action to "create an account" if the visitor doesn't have one, below the form
 * A persistent login checkbox ("Keep me logged in")
 * An SSL login link by default if the user is not using HTTPS already. If the user is already on HTTPS or clicks the link to do so, the link and icon should not appear.
 * A link to the localized equivalent of Help:Logging in
 * The language selector, if present, should be appropriately styled to not distract or overwhelm focus on the rest of form

Future ideas
The ability to login or create accounts from a menu on page, rather than redirecting people to a special page, would likely be a positive affordance that speeds up login. However, this method create the potential for security problems (i.e. man in the middle attacks). This idea is on hold for now.

Technical documentation
Our current redesign does not call for changing the form validation or other server-side authentication methods. We may consider incorporating the API for client-side validation that the account creation user experience work is building, but not if it is anything more than trivial to change.

/Engineering notes (garbled and incomplete) detail implementation challenges.