In my Best Practices For Web Form Design talk at IA Summit 2007 I walked thorugh the importance of Web forms and a series of design best practices culled from live to site analytics, usability testing, eye-tracking studies, and best practice surveys.
Some of the topics I discuss and provide patterns for are: label alignment, required form filed, input field sizes, content grouping, primary & secondary actions, help text & tips, dyanmic help systems, inline validation, error messages, progress indicators, success messaging, progressive disclosure, gradual engagement, tabbing, flexible data inputs, smart defaults, paths to completion, selection dependent inputs, and more...
This presentation reflects on the mood board and inspiration board which is the foundation of designing process.
Presented by The students of BA Degree in Jewellery Design & Manufacturing Techniques batch 13.
This presentation reflects on the mood board and inspiration board which is the foundation of designing process.
Presented by The students of BA Degree in Jewellery Design & Manufacturing Techniques batch 13.
Mrs. Davis introduces colored pencils in which the make-up of the lead and casing are discussed, a video of the process of the making of the pencil in the factory, different drawing techniques artists use to create various textures and basic problem solving skills.
As Richard Farson’s truism “no one smokes in church no matter how addicted” points out, context informs almost everything that happens in an environment. Online social experiences are no exception.
How a product’s social model is set up can impact not only who contributes, but how much, and why. From permission-based subscriptions to one-click follows, Luke will discuss the attributes and implications of several popular social models by looking at data and behavior in the Web’s most popular social applications.
Mrs. Davis introduces colored pencils in which the make-up of the lead and casing are discussed, a video of the process of the making of the pencil in the factory, different drawing techniques artists use to create various textures and basic problem solving skills.
As Richard Farson’s truism “no one smokes in church no matter how addicted” points out, context informs almost everything that happens in an environment. Online social experiences are no exception.
How a product’s social model is set up can impact not only who contributes, but how much, and why. From permission-based subscriptions to one-click follows, Luke will discuss the attributes and implications of several popular social models by looking at data and behavior in the Web’s most popular social applications.
In my Web Form Design Best Practices talk at the Technical Communication Summit in Minneapolis, MN I walked thorugh the importance of Web forms and a series of design best practices culled from live to site analytics, usability testing, eye-tracking studies, and best practice surveys.
Some of the topics I discuss and provide patterns for are: label alignment, required form filed, input field sizes, content grouping, primary & secondary actions, help text & tips, dyanmic help systems, inline validation, error messages, progress indicators, success messaging, progressive disclosure, gradual engagement, tabbing, flexible data inputs, smart defaults, paths to completion, selection dependent inputs, and more...
In the presentation I point out how the ability of visual communication to express core customer and brand messages across multiple forms of media has not changed much. However, shifts from locomotion to services, from pages to rich interactions, from sites to content experiences, and from content creation by webmasters to everyone online have introduced unique opportunities and constraints that the presentation layer of Web applications needs to account for.
Design Patterns: Defining and Sharing Web Design Languages Luke Wroblewski
In my Design Patterns: Defining and Sharing Web Design Languages talk at South by Southwest 2007 I discussed how to put design patterns to use within Web applications with an overview of the what, why, and how of shared online design pattern libraries.
In this talk, I outline the way people naturally scan Web pages and explain how you can guide users through key content and actions using visual hierarchy to construct meaningful, prioritized page layouts. You'll be taken through several before and after examples with explanations of how a page's content was prioritized, why, and how that priority is being communicated to users so they don't need to rely on chance to use your Web application.
Slides showing the Elements of User Experience (by Adaptive Path's Jesse James Garrett) illustrated through the analogy of an iceberg. Good for building client understanding of the fact that Visual design is only the "tip of the iceberg". Feel free to add these slides to your presentations.
Social Web Application Design. In particular: Comparison of how we think of “community” applications today vs. five years ago, Definitions of what and who defines social software, Overview of the interaction elements commonly found in social Web applications, Discussion about the pros and cons of enabling community features within products, Outline of best practices for designing social software (culled from my experiences working on products for eBay, Yahoo!, and more).
Les Formulaires - Les bonnes pratiques pour une meilleure expérience utilisat...Idean France
Remplir un formulaire, c’est pénible. Tout le monde s’accorde sur ce point. Pourtant, le formulaire permet de collecter des données, d’interagir avec un service, de devenir acteur d’une interface. Il est donc essentiel de soigner vos formulaires pour assurer la meilleure expérience utilisateur possible !
Suivre quelques bonnes pratiques peut rendre un formulaire intuitif et ludique, instaurant ainsi une relation positive entre l’humain et la marque.
Utilizing SharePoint to improve your businessRobert Crane
You can't expect to sell Windows SharePoint services unless you are actually using it within your own business. This presentation will take you through how an IT business like yours can implement SharePoint to improve your own productivity. You will also discover how to take this knowledge out to customers to create more revenue for your business. Learn how to work smarter with SharePoint. If you are planning on selling SharePoint services, and you should be, then you must attend this session to discover what works and what doesn't with SharePoint inside a business and how to leverage that knowledge to produce better business for yourself and your customers.
Collaboration Tools to Create Better ProductsEnthiosys Inc
Luke Hohmann presentation at Insight Forum. Provided concrete tools and concepts for collaborating with internal and external stakeholders to create better products
This presentation explains the components of usability, specifically in the context of web forms. Many hints on making web forms convenient and understandable are shared here.
This presentation by Oleksii Ponomarenko (Team International) was delivered at Front-End Practice #1 on July 22, 2015 in Kharkiv.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
11. Design Principles
• Minimize the pain
• No one likes filing in forms
• Smart defaults, inline validation, forgiving inputs
• Illuminate a path to completion
• Consider the context
• Familiar vs. foreign
• Frequently used vs. rarely used
• Ensure consistent communication
• Errors, Help, Success
• Single voice despite many stakeholders
11
12. Analyzing Performance
• Usability Testing
Errors, issues, assists, completion rates, time spent per
•
task, satisfaction scores
• Eye Tracking
Completion times, fixations, saccades
•
• Customer Support
Top problems, number of incidents
•
• Best Practices
Common solutions, unique approaches
•
• Site Tracking
Completion rates, entry points, exit points, elements
•
utilized, data entered
12
13. Design Patterns
Visual Communication
Information Affordances
+
Engagement
Interaction Disclosure
+
Response
Feedback Verification
13
16. Top Aligned Labels
• When data being
collected is familiar
• Minimize time to
completion
• Require more vertical
space
• Spacing or contrast is
vital to enable
efficient scanning
• Flexibility for
localization and
complex inputs
16
18. Right Aligned Labels
• Clear association
between label and
field
• Requires less vertical
space
• More difficult to just
scan labels due to
left rag
• Fast completion
times
18
20. Left Aligned Labels
• When data required is
unfamiliar
• Enables label
scanning
• Less clear association
between label and
field
• Requires less vertical
space
• Changing label length
may impair layout
20
22. Eye-tracking Data
• July 2006 study by Matteo
Penzo
• Left-aligned labels
• Easily associated labels with
the proper input fields
• Excessive distances between
labels inputs forced users to
take more time
• Right-aligned labels
• Reduced overall number of
fixations by nearly half
• Form completion times were
cut nearly in half
• Top-aligned labels
• Permitted users to capture
both labels & inputs with a
single eye movement’
• Fastest completion times
22
23. • For reduced
completion times &
familiar data input: top
aligned
BEST PRACTICE • When vertical screen
space is a constraint:
right aligned
• For unfamiliar, or
advanced data entry:
left aligned
23
24. Required Form Fields
• Indication of required fields is
most useful when
• There are lots of fields
• But very few are required
• Enables users to scan form to see
what needs to be filled in
• Indication of optional fields is
most useful when
• Very few fields are optional
• Neither is realy useful when
• All fields are required
24
31. • Try to avoid optional
fields
• If most fields are
required: indicate
optional fields
BEST PRACTICE • If most fields are
optional: indicate
required fields
• Text is best, but * often
works for required
fields
• Associate indicators
with labels
31
32. Field Lengths
• Field lengths can
provide valuable
affordances
• Appropriate field
lengths provide enough
space for inputs
• Random field lengths
may add visual noise to
a form
32
36. • When possible, use
field length as an
affordance
BEST PRACTICE
• Otherwise consider a
consistent length that
provides enough room
for inputs
36
37. Content Grouping
• Content relationships
provide a structured
way to organize a form
• Groupings provide
• A way to scan
information required at a
high level
• A sense of how
information within a form
is related
37
44. • Use relevant content
groupings to organize
forms
BEST PRACTICE
• Use the minimum
amount of visual
elements necessary to
communicate useful
relationships
44
45. Actions
• Not all form actions are equal
• Reset, Cancel, & Go Back are secondary actions: rarely
need to be used (if at all)
• Save, Continue, & Submit are primary actions: directly
responsible for form completion
• The visual presentation of actions should match
their importance
45
48. • Avoid secondary
actions if possible
BEST PRACTICE • Otherwise, ensure a
clear visual distinction
between primary &
secondary actions
48
49. Help & Tips
• Help & Tips are useful when:
Asking for unfamiliar data
•
Users may question why data is being requested
•
There are recommended ways of providing data
•
Certain data requests are optional
•
• However, Help & Tips can quickly overwhelm a
form if overused
• In these cases, you may want to consider a
dynamic solution
• Automatic inline exposure
• User activated inline exposure
• User activated section exposure
49
58. • Minimize the amount of
help & tips required to
fill out a form
• Help visible and
adjacent to a data
BEST PRACTICE request is most useful
• When lots of unfamiliar
data is being
requested, consider
using a dynamic help
system
58
61. Path to Completion
• Primary goal for every form is
completion
• Every input requires consideration &
action
• Remove all unnecessary data requests
• Enable flexible data input
• Provide a clear path
• Enable smart defaults
61
68. • Remove all
unnecessary data
requests
• Enable smart defaults
BEST PRACTICE • Employ flexible data
entry
• Illuminate a clear path
to completion
• For long forms, show
progress & save
68
69. Tabbing
• Many users interact with a form by
“tabbing” between fields
• Proper HTML markup can ensure
tabbing works as expected
• Multi-column form layouts may conflict
with expected tabbing behavior
69
71. • Remember to account
for tabbing behavior
• Use the tabindex
BEST PRACTICE attribute to control
tabbing order
• Consider tabbing
expectations when
laying out forms
71
72. Progressive Disclosure
• Not all users require all available
options all the time
• Progressive disclosure provides
additional options when appropriate
• Advanced options
• Gradual engagement
72
79. • Map progressive
disclosure to
prioritized user needs
BEST PRACTICE
• Most effective when
user-initiated
• Maintain a consistent
approach
79
80. Selection Dependent Inputs
• Sometimes an initial data input requires
or enables additional inputs
• More options become available because of
an initial input
• Further clarification required due to initial
input
80
84. Exposing Dependent Inputs
• Page Level
• Requires additional step
• Section Tabs
• Often go unnoticed
• Require smart defaults
• Finger Section Tabs
• Follow path to completion scan line
• Section Selectors
• Effectively Group information
• Hide some options
• Expose Below & Expose Within
• Potential for confusion
• Inactive Until Selected & Exposed within Groups
• Association between primary selection is impaired
84
85. • Maintain clear
relationship between
initial selection options
BEST PRACTICE
• Clearly associate
additional inputs with
their trigger
• Avoid “jumping” that
disassociates initial
selection options
85
93. • Use inline validation for
inputs that have
potentially high error
BEST PRACTICE rates
• Use suggested inputs
to disambiguate
• Communicate limits
93
94. Errors
• Errors are used to ensure all required
data is provided and valid
• Clear labels, affordances, help/tips &
validation can help reduce errors
• But some errors may still occur
• Provide clear resolution in as few steps
as possible
94
100. • Clearly communicate
an error has occurred:
top placement, visual
contrast
• Provide actionable
BEST PRACTICE remedies to correct
errors
• Associate responsible
fields with primary
error message
• “Double” the visual
language where errors
have occurred
100
101. Progress
• Sometimes actions require some time to
process
• Form submission
• Data calculations
• Uploads
• Provide feedback when an action is in
progress
101
103. • Provide indication of
tasks in progress
BEST PRACTICE • Disable “submit”
button after user clicks
it to avoid duplicate
submissions
103
104. Success
• After successful form completion
confirm data input in context
• On updated page
• On revised form
• Provide feedback via
• Message (removable)
• Animated Indicator
104
108. • Clearly communicate a
data submission has
been successful
BEST PRACTICE
• Provide feedback in
context of data
submitted
108
109. Additional Tips
• Avoid changing inputs provided by
users
• With later inputs
• After an error has occurred
• Let users know if difficult to obtain
information is required prior to sending
them to a form
109
110. Accessibility & Mark-up
• Use <label> tags to associate labels with inputs
• Properly read by screen readers
• Most browsers treat text with <label> tags as
clickable: larger actions
• Use the tabindex attribute to provide a “tabbing” path
• Provides control over tabbing order
• Enables forms to be navigated by keyboard
• Consider the accesskey attribute for additional
keyboard support
• Direct access to associated input fields
• Consider <fieldset> to group related form fields
110
111. Web Form Creation Tools
• Wufoo
• http://www.wufoo.com
• Form Assembly
• http://www.formassembly.com
• icebrrg
• http://www.icebrrg.com
111
112. For more information…
• Functioning Form
• www.lukew.com/ff/
• Site-Seeing: A Visual
Approach to Web Usability
• Wiley & Sons
• Drop me a note
• luke@lukew.com
112